ambray / NtfsLinks
Various libraries focused on examining/parsing NTFS-specific structures
☆16Updated 9 years ago
Alternatives and similar repositories for Ntfs
Users that are interested in Ntfs are comparing it to the libraries listed below
Sorting:
- wow64 syscall filter☆13Updated 10 years ago
- Lists work items being queued currently.☆14Updated 10 years ago
- Windows registry files interactive viewer☆9Updated 8 years ago
- Notes my learning steps about Windows-NT☆23Updated 8 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.☆19Updated 9 years ago
- Framework complet d'analyse de malware☆12Updated 9 years ago
- The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers☆34Updated 8 years ago
- does reflective dll injection☆8Updated 11 years ago
- Anti-AV compilation☆43Updated 11 years ago
- an efficient yet easy to use network packet builder and parser☆11Updated 7 years ago
- Native Development Kit for Vista 64bit And Later, by me, Based on NDK Headers 1.0, by Alex Ionescu☆16Updated 9 years ago
- ☆13Updated 7 years ago
- ☆10Updated 10 years ago
- Windows Kernel Mode PCRE☆10Updated 10 years ago
- ☆13Updated 6 years ago
- simple plugin for lastest olly versions to display the callstack☆16Updated 12 years ago
- IDA WhatAPIs PlugIn☆7Updated 9 years ago
- Cross-referencing network communication for detecting Advanced Persistent Threat (APT) malware☆6Updated 9 years ago
- Ssdt Hook Detection tool☆13Updated 8 years ago
- RunPE dump - I wrote this to have better control over the analysis of malwares. I can stop and analysis malware when it uses some of the …☆10Updated 9 years ago
- ☆9Updated 8 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆22Updated 8 years ago
- windows内核小工具,包含APP和driver☆11Updated 10 years ago
- Kernel-mode file scanner☆18Updated 6 years ago
- A library for interacting with Windows process memory☆7Updated 6 years ago
- CVE-2014-0816