Alternatives and similar repositories for EvtxCarv

Users that are interested in EvtxCarv are comparing it to the libraries listed below

• kernullist / krn_pcre
  Windows Kernel Mode PCRE
  ☆10Updated 10 years ago
• somma / wmiq
  Handy WMI query tool.
  ☆12Updated 9 years ago
• ghonsa / DeviceDmp
  Windows device tree walker
  ☆15Updated 6 years ago
• Mirraz / regparser
  Windows registry files interactive viewer
  ☆9Updated 8 years ago
• dgros / Malware_Analyzer
  Framework complet d'analyse de malware
  ☆12Updated 9 years ago
• hailehong95 / practice-maldev
  Common Malware Techniques
  ☆13Updated 2 years ago
• xiaobfly / TsFltMgr
  ☆14Updated 10 years ago
• aeoliazhang / windows_knifetool
  windows内核小工具，包含APP和driver
  ☆11Updated 10 years ago
• emc2314 / PEZEncrypt
  PE Infector/Cryptor source code
  ☆15Updated 8 years ago
• clavis0x / AntiRansomware
  ☆29Updated 7 years ago
• Fliggibish / RansomwareDetector
  ☆12Updated 7 years ago
• push0ebp / xMalHunter
  x64dbg Malware Plugin. Detect malicious materials
  ☆15Updated 5 years ago
• aaaddress1 / APCInjector-BYPASS-AV
  ☆19Updated 9 years ago
• floomby / injector
  does reflective dll injection
  ☆8Updated 11 years ago
• zer0fl4g / OllyCallstack
  simple plugin for lastest olly versions to display the callstack
  ☆16Updated 12 years ago
• somma / bob_dbg
  ☆10Updated 8 years ago
• russellklenk / ETW
  Event Tracing for Windows Custom Events
  ☆21Updated 10 years ago
• ohierro / gDrive
  Google Drive windows virtual unit
  ☆9Updated 11 years ago
• apriorit / antirootkit-anti-splicer
  The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers
  ☆34Updated 8 years ago
• flankersky / WinStack
  Try to transport the tcpip stack of ReactOS to Windows XP.
  ☆17Updated 11 years ago
• ycscaly / Windows-Kernel-Research
  A project dedicated towards researching the Windows operating system's kernel mode enviornment.
  ☆8Updated 9 years ago
• killvxk / THL-StealthDLLInjection
  ☆10Updated 11 years ago
• mq1n / ForceThreadSuspend
  Windows hidden thread suspend POC with code injection
  ☆12Updated 8 years ago
• coldshell / IDA-appcall
  ☆13Updated 7 years ago
• wolk-1024 / WoW64Utils
  WoW64 -> x64
  ☆19Updated 8 years ago
• blaquee / APCHook
  hooking KiUserApcDispatcher
  ☆24Updated 8 years ago
• sin5678 / wow64hook
  wow64 syscall filter
  ☆13Updated 10 years ago
• skmcclure / WMI_cmd
  Use Windows Management Instrumentation interfaces to perform actions on a Windows system from a Linux System
  ☆16Updated 13 years ago
• al-homedawy / LPMS
  A memory engine that scans, debugs and disassembles an applications memory space.
  ☆14Updated 7 years ago
• IgorKorkin / AllMemProTestBed
  Legal access: The driver and console app to demonstrate the basic memory access in kernel mode
  ☆9Updated 7 years ago