Alternatives and similar repositories for drawings

Users that are interested in drawings are comparing it to the libraries listed below

• Fyyre / DrvMon
  Advanced driver monitoring utility.
  ☆218Updated 3 years ago
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆132Updated 2 years ago
• merces / entropy
  CLI program to calculate the entropy of files
  ☆74Updated 2 weeks ago
• PELock / Simple-Polymorphic-Engine-SPE32
  Simple Polymorphic Engine (SPE32) is a simple polymorphic engine for encrypting code and data. It is an amateur project that can be used …
  ☆155Updated 2 years ago
• RichHeaderResearch / RichPE
  Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks
  ☆70Updated 4 years ago
• Fyyre / ntdll
  ntdll.h - compatible with MSVC 6.0, Intel C++ Compiler and MinGW. Serves as a complete replacement for Windows.h
  ☆148Updated 6 years ago
• therealdreg / masm32-kernel-programming
  masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)
  ☆127Updated 2 years ago
• nickcano / RelocBonus
  An obfuscation tool for Windows which instruments the Windows Loader into acting as an unpacking engine.
  ☆312Updated 7 years ago
• DownWithUp / CallMon
  CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers
  ☆144Updated 5 years ago
• hasherezade / mal_unpack_drv
  MalUnpack companion driver
  ☆99Updated last year
• Microwave89 / createuserprocess
  Three Tiny Examples of Directly Using Vista's NtCreateUserProcess
  ☆89Updated 10 years ago
• zodiacon / QuickAsm
  Simple x86/x64 Assembler/Disassembler/Emulator
  ☆187Updated last year
• CheckPointSW / showstopper
  ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…
  ☆219Updated 3 years ago
• zodiacon / syllabi
  ☆63Updated last year
• dr-anoroc / rawccopy
  Command line utility for copying files on NTFS using low level disk access
  ☆39Updated last year
• zodiacon / TotalPE
  Yet another PE Viewer
  ☆142Updated 2 years ago
• d35ha / xLogger
  Simple windows API logger
  ☆109Updated 6 years ago
• intel471 / coderex
  A tool that automates regex generation for the x86 and x86-64 instruction sets
  ☆71Updated last year
• mandiant / STrace
  A DTrace on Windows Reimplementation
  ☆366Updated 2 months ago
• hasherezade / pin_n_sieve
  An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
  ☆63Updated last year
• mandiant / poisonplug-scatterbrain
  Deobfuscation library for PoisionPlug.SHADOW's ScatterBrain obfuscator
  ☆71Updated 9 months ago
• zodiacon / ApiSetView
  API Set Viewer
  ☆90Updated 10 months ago
• hasherezade / masm_shc
  A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.
  ☆184Updated 7 months ago
• xenocidewiki / UndocumentedNTAPI
  I was challenged by a friend to list all the processes and drivers in a system using more "unusual" methods. By doing this I learned quit…
  ☆14Updated 9 years ago
• thesecretclub / SandboxBootkit
  Bootkit for Windows Sandbox to disable DSE/PatchGuard.
  ☆310Updated last year
• nsacyber / Driver-Collider
  Blocks drivers from loading by using a name collision technique. #nsacyber
  ☆50Updated 7 years ago
• KiFilterFiberContext / warbird-hook
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆257Updated 3 years ago
• ionescu007 / r0ak
  ☆34Updated 7 years ago
• WithSecureLabs / GarbageMan
  GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.
  ☆118Updated 2 years ago
• serge1 / COFFI
  A header-only C++ library for accessing files in COFF binary format. (Including Windows PE/PE+ formats)
  ☆207Updated 3 months ago