Alternatives and similar repositories for gftrace

Users that are interested in gftrace are comparing it to the libraries listed below

• YoavLevi / IAT-Tracer

  View on GitHub
  An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…
  ☆125Jul 12, 2024Updated last year
• leandrofroes / malware-research

  View on GitHub
  General malware analysis stuff
  ☆37Aug 26, 2024Updated last year
• enkomio / thematrix

  View on GitHub
  a PE Loader and Windows API tracer. Useful in malware analysis.
  ☆143Sep 19, 2022Updated 3 years ago
• mrexodia / dumpulator

  View on GitHub
  An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in gen…
  ☆854Feb 2, 2024Updated 2 years ago
• 0x0xxxx / CVE

  View on GitHub
  ☆18Jan 21, 2026Updated 3 weeks ago
• trendmicro / research

  View on GitHub
  Resources from Trend Micro Research teams
  ☆26Nov 14, 2024Updated last year
• danielplohmann / mcrit

  View on GitHub
  The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash alg…
  ☆96Jan 13, 2026Updated last month
• mandiant / dncil

  View on GitHub
  The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.
  ☆171Feb 5, 2026Updated last week
• archercreat / titan

  View on GitHub
  Titan is a VMProtect devirtualizer
  ☆117Mar 6, 2024Updated last year
• struppigel / hedgehog-tools

  View on GitHub
  ☆126Feb 2, 2026Updated last week
• mandiant / GoReSym

  View on GitHub
  Go symbol recovery tool
  ☆912Jan 13, 2026Updated last month
• keowu / Treinamento-Introducao-a-Engenharia-Reversa-no-Windows

  View on GitHub
  Conteúdo do treinamento/brainstorming Introdução a engenharia reversa no Windows feito com muito carinho por mim.
  ☆17Oct 13, 2022Updated 3 years ago
• horsicq / XDecompiler

  View on GitHub
  ☆12Jan 18, 2026Updated 3 weeks ago
• MrDomainAdmin / LyinEagle

  View on GitHub
  Python C2 with JScript Implant
  ☆15Nov 15, 2023Updated 2 years ago
• elfmaster / maya

  View on GitHub
  Highly advanced Linux anti-exploitation and anti-tamper binary protector for ELF.
  ☆159Sep 3, 2022Updated 3 years ago
• WithSecureLabs / GarbageMan

  View on GitHub
  GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.
  ☆119Apr 8, 2023Updated 2 years ago
• mrexodia / phnt-single-header

  View on GitHub
  Single header version of System Informer's phnt library.
  ☆240Jan 9, 2026Updated last month
• cxiao / rust-reversing-workshop-northsec-2024

  View on GitHub
  ☆22May 24, 2024Updated last year
• janbbeck / CleanTricks

  View on GitHub
  Binary Ninja plugin to clean up some common obfuscation techniques.
  ☆22Jun 8, 2020Updated 5 years ago
• splexas / TrampHooker

  View on GitHub
  A mechanism that trampoline hooks functions in x86/x64 systems.
  ☆21Oct 9, 2024Updated last year
• Bw3ll / sharem

  View on GitHub
  SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…
  ☆478Jun 25, 2025Updated 7 months ago
• merces / hem-hashes

  View on GitHub
  Hiew External Module (HEM) to calculate CRC-32, MD5, SHA-1, and SHA-256 hashes of a given file/block
  ☆44Dec 17, 2024Updated last year
• Offensive-Panda / RWX_MEMEORY_HUNT_AND_INJECTION_DV

  View on GitHub
  Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
  ☆288May 27, 2024Updated last year
• intel471 / coderex

  View on GitHub
  A tool that automates regex generation for the x86 and x86-64 instruction sets
  ☆71Apr 18, 2024Updated last year
• huntandhackett / process-cloning

  View on GitHub
  The Definitive Guide To Process Cloning on Windows
  ☆539Jan 3, 2024Updated 2 years ago
• Colton1skees / Dna

  View on GitHub
  LLVM based static binary analysis framework
  ☆300Apr 2, 2025Updated 10 months ago
• Sentinel-One / peafl64

  View on GitHub
  Static Binary Instrumentation tool for Windows x64 executables
  ☆207Sep 29, 2025Updated 4 months ago
• XaFF-XaFF / Black-Angel-Rootkit

  View on GitHub
  Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.
  ☆671Nov 9, 2023Updated 2 years ago
• eset / stadeo

  View on GitHub
  Control-flow-flattening and string deobfuscator
  ☆160Nov 8, 2021Updated 4 years ago
• OALabs / BlobRunner

  View on GitHub
  Quickly debug shellcode extracted during malware analysis
  ☆625May 23, 2023Updated 2 years ago
• hasherezade / tiny_tracer

  View on GitHub
  A Pin Tool for tracing API calls etc
  ☆1,612Nov 25, 2025Updated 2 months ago
• rad9800 / RansomFS

  View on GitHub
  ☆31Feb 28, 2025Updated 11 months ago
• poona / APIMiner

  View on GitHub
  API Logger for Windows Executables
  ☆80Sep 30, 2020Updated 5 years ago
• archercreat / api-tracer

  View on GitHub
  api-tracer is a tiny (useless) tracer
  ☆17Feb 28, 2023Updated 2 years ago
• hasherezade / mal_unpack_drv

  View on GitHub
  MalUnpack companion driver
  ☆99Jun 17, 2024Updated last year
• therealdreg / windbgtocstruct

  View on GitHub
  Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…
  ☆27Aug 11, 2023Updated 2 years ago
• mlcsec / proctools

  View on GitHub
  Small toolkit for extracting information and dumping sensitive strings from Windows processes
  ☆116Jul 17, 2024Updated last year
• LloydLabs / ntqueueapcthreadex-ntdll-gadget-injection

  View on GitHub
  This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret …
  ☆260Apr 29, 2023Updated 2 years ago
• ethereal-vx / Antivirus-Artifacts

  View on GitHub
  Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.
  ☆753Nov 16, 2021Updated 4 years ago