Alternatives and similar repositories for IAT-Tracer

Users that are interested in IAT-Tracer are comparing it to the libraries listed below

• WithSecureLabs / GarbageMan
  GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.
  ☆116Updated 2 years ago
• t-tani / defender2yara
  Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules
  ☆88Updated this week
• jdu2600 / Etw-SyscallMonitor
  Monitors ETW for security relevant syscalls maintaining the set called by each unique process
  ☆79Updated 2 years ago
• vvelitkn / Evasion-Escaper
  Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…
  ☆106Updated 4 months ago
• jdu2600 / CFG-FindHiddenShellcode
  Walks the CFG bitmap to find previously executable but currently hidden shellcode regions
  ☆118Updated 2 years ago
• pathtofile / SealighterTI
  Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider
  ☆176Updated 2 years ago
• connormcgarr / EATGuard
  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
  ☆105Updated 2 years ago
• struppigel / hedgehog-tools
  ☆115Updated last month
• jk45054 / CTF-writeups
  Writeups for CTF challenges
  ☆31Updated last year
• alfarom256 / MCP-PoC
  Minifilter Callback Patching Proof-of-Concept
  ☆71Updated 2 years ago
• hugsy / recon_2024_windbg_workshop
  ☆74Updated 11 months ago
• thefLink / Hunt-Weird-Syscalls
  ETW based POC to identify direct and indirect syscalls
  ☆187Updated 2 years ago
• cod3nym / Deobfuscar
  A simple commandline application to automatically decrypt strings from Obfuscator protected binaries
  ☆46Updated last year
• RedTeamOperations / VEH-PoC
  ☆114Updated 2 years ago
• xforcered / Windows_MSKSSRV_LPE_CVE-2023-36802
  LPE exploit for CVE-2023-36802
  ☆22Updated last year
• t0-retooling / defender-recon24
  ☆52Updated 8 months ago
• NUL0x4C / EtwSessionHijacking
  A Poc on blocking Procmon from monitoring network events
  ☆103Updated 2 years ago
• floesen / KExecDD
  Admin to Kernel code execution using the KSecDD driver
  ☆251Updated last year
• airbus-cert / vbSparkle
  VBScript & VBA source-to-source deobfuscator with partial-evaluation
  ☆77Updated 10 months ago
• intel471 / coderex
  A tool that automates regex generation for the x86 and x86-64 instruction sets
  ☆73Updated last year
• mrexodia / lolbin-poc
  Small PoC of using a Microsoft signed executable as a lolbin.
  ☆138Updated 2 years ago
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆107Updated 2 years ago
• zodiacon / Recon2023
  Recon 2023 slides and code
  ☆79Updated 2 years ago
• xenoscr / manual-syscall-detect
  A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks.
  ☆111Updated 3 years ago
• CognisysGroup / SweetDreams
  Implementation of Advanced Module Stomping and Heap/Stack Encryption
  ☆217Updated last year
• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆155Updated 6 months ago
• hasherezade / mal_unpack_drv
  MalUnpack companion driver
  ☆98Updated last year
• p0dalirius / pyPDBdownload
  A Python script to download PDB files associated with a Portable Executable (PE)
  ☆121Updated 4 months ago
• ZeroMemoryEx / SleepKiller
  Bypass Malware Time Delays
  ☆102Updated 2 years ago
• Slowerzs / KeyJumper
  ☆48Updated 2 months ago