ergrelet/windiff external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ergrelet/windiff

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ergrelet/windiff)

Close

ergrelet / windiffView on GitHubMore

• External links
• Readme badge

Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the OS.

☆355Feb 26, 2026Updated this week

Alternatives and similar repositories for windiff

Users that are interested in windiff are comparing it to the libraries listed below

• ergrelet / resym

  View on GitHub
  Cross-platform tool that allows browsing and extracting C and C++ type declarations from PDB files.
  ☆360Feb 9, 2025Updated last year
• FuzzySecurity / BulkBindex

  View on GitHub
  Winbindex bot to pull in binaries for specific releases
  ☆48Sep 15, 2023Updated 2 years ago
• Xyrem / HyperDeceit

  View on GitHub
  HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper…
  ☆379Jun 3, 2023Updated 2 years ago
• hasherezade / tiny_tracer

  View on GitHub
  A Pin Tool for tracing API calls etc
  ☆1,620Feb 8, 2026Updated 3 weeks ago
• cyberark / PipeViewer

  View on GitHub
  A tool that shows detailed information about named pipes in Windows
  ☆733Nov 15, 2024Updated last year
• cyberark / RPCMon

  View on GitHub
  RPC Monitor tool based on Event Tracing for Windows
  ☆384Aug 19, 2024Updated last year
• Idov31 / Jormungandr

  View on GitHub
  Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
  ☆242Sep 26, 2023Updated 2 years ago
• Sentinel-One / peafl64

  View on GitHub
  Static Binary Instrumentation tool for Windows x64 executables
  ☆206Sep 29, 2025Updated 5 months ago
• trailofbits / RpcInvestigator

  View on GitHub
  Exploring RPC interfaces on Windows
  ☆345Jan 30, 2024Updated 2 years ago
• ropfuscator / ropfuscator

  View on GitHub
  ROPfuscator is a fine-grained code obfuscation framework for C/C++ programs using ROP (return-oriented programming).
  ☆436May 8, 2024Updated last year
• waleedassar / SimpleNTSyscallFuzzer

  View on GitHub
  ☆149Jan 25, 2024Updated 2 years ago
• m417z / winbindex

  View on GitHub
  An index of Windows binaries, including download links for executables such as exe, dll and sys files
  ☆765Updated this week
• binsync / binsync

  View on GitHub
  A reversing plugin for cross-decompiler collaboration, built on git.
  ☆683Updated this week
• airbus-cert / ttddbg

  View on GitHub
  Time Travel Debugging IDA plugin
  ☆592Jun 27, 2024Updated last year
• can1357 / NtRays

  View on GitHub
  Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
  ☆657Jan 28, 2025Updated last year
• hfiref0x / WubbabooMark

  View on GitHub
  Debugger Anti-Detection Benchmark
  ☆382Jan 11, 2026Updated last month
• KiFilterFiberContext / warbird-hook

  View on GitHub
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆268Aug 31, 2022Updated 3 years ago
• JustasMasiulis / ida_bitfields

  View on GitHub
  IDA Pro plugin to make bitfield accesses easier to grep
  ☆254Aug 3, 2025Updated 6 months ago
• mandiant / STrace

  View on GitHub
  A DTrace on Windows Reimplementation
  ☆369Feb 3, 2026Updated 3 weeks ago
• daem0nc0re / AtomicSyscall

  View on GitHub
  Tools and PoCs for Windows syscall investigation.
  ☆368Dec 2, 2025Updated 3 months ago
• archercreat / titan

  View on GitHub
  Titan is a VMProtect devirtualizer
  ☆118Mar 6, 2024Updated last year
• ThatLing / limba

  View on GitHub
  compile-time control flow obfuscation using mba
  ☆199Jul 4, 2023Updated 2 years ago
• memN0ps / redlotus-rs

  View on GitHub
  Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus)
  ☆564Sep 12, 2023Updated 2 years ago
• Crypt0s / Ekko_CFG_Bypass

  View on GitHub
  A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process
  ☆115Aug 29, 2022Updated 3 years ago
• lowleveldesign / comon

  View on GitHub
  A WinDbg extension to trace COM interactions
  ☆131Aug 14, 2025Updated 6 months ago
• thesecretclub / SandboxBootkit

  View on GitHub
  Bootkit for Windows Sandbox to disable DSE/PatchGuard.
  ☆318Oct 13, 2024Updated last year
• florylsk / RecycledInjector

  View on GitHub
  Native Syscalls Shellcode Injector
  ☆266Jul 2, 2023Updated 2 years ago
• commial / ttd-bindings

  View on GitHub
  Bindings for Microsoft WinDBG TTD
  ☆235Aug 5, 2023Updated 2 years ago
• 0vercl0k / symbolizer-rs

  View on GitHub
  A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries.
  ☆100Jan 3, 2026Updated 2 months ago
• daem0nc0re / TangledWinExec

  View on GitHub
  PoCs and tools for investigation of Windows process execution techniques
  ☆952Feb 2, 2026Updated last month
• x86matthew / WinVisor

  View on GitHub
  WinVisor - A hypervisor-based emulator for Windows x64 user-mode executables using Windows Hypervisor Platform API
  ☆642Jan 23, 2025Updated last year
• hugsy / CFB

  View on GitHub
  CFB is a ProcMon-style tool designed to assist capturing IRPs sent to Windows drivers.
  ☆333Mar 26, 2024Updated last year
• Kudaes / Fiber

  View on GitHub
  Using fibers to run in-memory code.
  ☆242Oct 19, 2023Updated 2 years ago
• XaFF-XaFF / Black-Angel-Rootkit

  View on GitHub
  Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.
  ☆674Nov 9, 2023Updated 2 years ago
• thalium / icebox

  View on GitHub
  Virtual Machine Introspection, Tracing & Debugging
  ☆596Feb 22, 2022Updated 4 years ago
• daem0nc0re / PrivFu

  View on GitHub
  Kernel mode WinDbg extension and PoCs for token privilege investigation.
  ☆900Jan 21, 2025Updated last year
• mrexodia / dumpulator

  View on GitHub
  An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in gen…
  ☆855Feb 2, 2024Updated 2 years ago
• tandasat / hvext

  View on GitHub
  The Windbg extensions to study Hyper-V on Intel and AMD processors.
  ☆171Feb 10, 2026Updated 2 weeks ago
• hasherezade / process_overwriting

  View on GitHub
  Yet another variant of Process Hollowing
  ☆458Jul 31, 2025Updated 7 months ago