Alternatives and similar repositories for writeups

Users that are interested in writeups are comparing it to the libraries listed below

• BehroozAbbassi / DriverAnalyzer
  A static analysis tool that helps security researchers scan a list of Windows kernel drivers for common vulnerability patterns in drivers…
  ☆71Updated 4 years ago
• yardenshafir / conference_talks
  Slides from various conference talks
  ☆37Updated 2 years ago
• jackullrich / Windows-API-Fuzzer
  Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.
  ☆99Updated 5 years ago
• msuiche / smbaloo
  ☆48Updated 5 years ago
• therealdreg / cgaty
  Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)
  ☆73Updated 2 years ago
• hasherezade / pe_utils
  A set of small utilities, helpers for PIN tracers
  ☆36Updated 4 months ago
• 0vercl0k / KEPaboo
  Neutralize KEPServerEX anti-debugging techniques
  ☆33Updated 2 years ago
• EliseZeroTwo / SEH-Helper
  Binary Ninja plugin for exploring Structured Exception Handlers
  ☆82Updated last year
• h0mbre / Windows-Exploits
  ☆91Updated 5 years ago
• eset / wslink-vm-analyzer
  WslinkVMAnalyzer is a tool to facilitate analysis of code protected by a virtual machine featured in Wslink malware
  ☆48Updated 3 years ago
• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆31Updated 2 years ago
• 0vercl0k / CVE-2021-32537
  PoC for CVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel.
  ☆57Updated 4 years ago
• BehroozAbbassi / sdkffi
  A code parser for C-Style header files that lets you to parse function's prototypes and data types used in their parameters.
  ☆94Updated 3 years ago
• RITRedteam / goofkit
  In line function hooking LKM rootkit
  ☆52Updated 5 years ago
• bluefrostsecurity / Meltdown-KVA-Shadow-Leak
  ☆49Updated 5 years ago
• thebabush / dumb-obfuscator
  Tutorial on how to write the dumbest obfuscator I could think of.
  ☆179Updated 5 years ago
• 0vercl0k / lockmem
  This utility allows you to lock every available memory regions of an arbitrary process into its working set.
  ☆69Updated 2 years ago
• D4stiny / ExceptionOrientedProgramming
  Abusing exceptions for code execution.
  ☆113Updated 3 years ago
• d00rt / ebfuscator
  Ebfuscator: Abusing system errors for binary obfuscation
  ☆52Updated 5 years ago
• DownWithUp / CVE-Stockpile
  Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.
  ☆50Updated 5 years ago
• pwnlogs / d-time
  This repository contains D-TIME: Distributed Threadless Independent Malware Execution for Runtime Obfuscation.
  ☆36Updated 5 years ago
• hasherezade / pin_n_sieve
  An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
  ☆63Updated last year
• Signal-Labs / IOCTLDump
  ☆148Updated 2 years ago
• ulexec / EmotetCFU
  WIP Emotet Control Flow Unflattening using miasm and radare2
  ☆23Updated 3 years ago
• 0vercl0k / symbolizer
  A fast execution trace symbolizer for Windows.
  ☆130Updated last year
• tinysec / rtypes
  A simple but useful project maybe help you reverse Windows.
  ☆41Updated last year
• redplait / pexphide
  PoC for hiding PE exports
  ☆67Updated 5 years ago
• waleedassar / RestrictedKernelLeaks
  ☆163Updated 4 years ago
• ioncodes / kdbg-driver-workstation
  ☆14Updated 4 years ago
• ohjeongwook / windows_sdk_data
  Windows API listing in JSON format - generated from SDK headers + SDK API documentation
  ☆67Updated 5 years ago