Alternatives and similar repositories for drawings

Users that are interested in drawings are comparing it to the libraries listed below

• Fyyre / DrvMon
  Advanced driver monitoring utility.
  ☆218Updated 3 years ago
• RichHeaderResearch / RichPE
  Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks
  ☆70Updated 4 years ago
• therealdreg / masm32-kernel-programming
  masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)
  ☆128Updated 2 years ago
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆133Updated 2 years ago
• merces / entropy
  CLI program to calculate the entropy of files
  ☆75Updated 2 months ago
• PELock / Simple-Polymorphic-Engine-SPE32
  Simple Polymorphic Engine (SPE32) is a simple polymorphic engine for encrypting code and data. It is an amateur project that can be used …
  ☆154Updated 2 years ago
• hasherezade / mal_unpack_drv
  MalUnpack companion driver
  ☆99Updated last year
• zodiacon / TotalPE
  Yet another PE Viewer
  ☆143Updated 3 years ago
• zodiacon / QuickAsm
  Simple x86/x64 Assembler/Disassembler/Emulator
  ☆189Updated last month
• WithSecureLabs / GarbageMan
  GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.
  ☆119Updated 2 years ago
• CheckPointSW / showstopper
  ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…
  ☆220Updated 3 years ago
• hasherezade / module_overloading
  A more stealthy variant of "DLL hollowing"
  ☆363Updated last year
• dr-anoroc / rawccopy
  Command line utility for copying files on NTFS using low level disk access
  ☆40Updated last year
• diversenok / DiaSymbolView
  PDB file inspection tool
  ☆127Updated 2 months ago
• zodiacon / syllabi
  ☆65Updated 2 years ago
• 0vercl0k / sic
  Enumerate user mode shared memory mappings on Windows.
  ☆126Updated 4 years ago
• akuafif / hXOR-Packer
  A PE (Portable Executable) packer with Huffman Compression and Xor encryption.
  ☆67Updated 4 years ago
• zodiacon / ApiSetView
  API Set Viewer
  ☆91Updated last year
• intel471 / coderex
  A tool that automates regex generation for the x86 and x86-64 instruction sets
  ☆71Updated last year
• KiFilterFiberContext / warbird-hook
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆261Updated 3 years ago
• leandrofroes / gftrace
  A command line Windows API tracing tool for Golang binaries.
  ☆159Updated 2 years ago
• Fyyre / ntdll
  ntdll.h - compatible with MSVC 6.0, Intel C++ Compiler and MinGW. Serves as a complete replacement for Windows.h
  ☆149Updated 6 years ago
• hasherezade / masm_shc
  A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.
  ☆188Updated 9 months ago
• nickcano / RelocBonus
  An obfuscation tool for Windows which instruments the Windows Loader into acting as an unpacking engine.
  ☆314Updated 7 years ago
• ajkhoury / ApiSet
  API Set resolver for Windows
  ☆141Updated last year
• mandiant / STrace
  A DTrace on Windows Reimplementation
  ☆369Updated last week
• p0dalirius / pyPDBdownload
  A Python script to download PDB files associated with a Portable Executable (PE)
  ☆128Updated last year
• Microwave89 / createuserprocess
  Three Tiny Examples of Directly Using Vista's NtCreateUserProcess
  ☆89Updated 10 years ago
• manyfacedllama / amsi-tracer
  Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …
  ☆111Updated 4 years ago
• mandiant / poisonplug-scatterbrain
  Deobfuscation library for PoisionPlug.SHADOW's ScatterBrain obfuscator
  ☆75Updated 10 months ago