Alternatives and similar repositories for python:

Users that are interested in python are comparing it to the libraries listed below

• KVM-VMI / nitro
  ☆47Updated 6 years ago
• carter-yagemann / vmi-unpack
  VMI-Unpack - A Virtual Machine Introspection (VMI) based generic unpacker.
  ☆55Updated 5 years ago
• pfohjo / nitro
  KVM-based virtual machine introspection for malware analysis
  ☆29Updated 7 years ago
• ispras / qemu
  ☆51Updated 3 years ago
• quarkslab / whvp
  PoC for a snapshot-based coverage-guided fuzzer targeting Windows kernel components
  ☆68Updated 3 years ago
• tianweiz07 / Cloud_Integrity
  Using LibVMI to detect malware
  ☆31Updated 3 years ago
• goretk / pygore
  pyGoRE - Python library for analyzing Go binaries
  ☆64Updated 3 years ago
• season-lab / ropdissector
  A framework for static analysis of ROP exploits and programs
  ☆40Updated 5 years ago
• bitdefender / libkvmi
  KVM Virtual Machine Introspection Library
  ☆46Updated last year
• FernandoDoming / r2diaphora
  Port of the binary diffing library, diaphora, for radare2 and mariadb
  ☆50Updated last year
• 0vercl0k / pywinhv
  Python bindings for the Microsoft Hypervisor Platform APIs.
  ☆80Updated 5 years ago
• KVM-VMI / kvm
  Fork of KVM with Virtual Machine Introspection patches
  ☆37Updated last year
• Cisco-Talos / Barbervisor
  Intel x86 bare metal hypervisor for researching snapshot fuzzing ideas.
  ☆166Updated 4 years ago
• tandasat / EopMon
  Elevation of privilege detector based on HyperPlatform
  ☆120Updated 8 years ago
• ohjeongwook / iptanalyzer
  Intel PT log analyzer With Parallel Processing And Basic Block Offset Caching Support
  ☆70Updated last year
• KVM-VMI / qemu
  Fork of QEMU with Virtual Machine Introspection patches
  ☆13Updated last year
• zhechkoz / PwIN
  Security Evaluation of Dynamic Binary Instrumentation Engines
  ☆80Updated 6 years ago
• season-lab / sok-dbi-security
  Library to hide DBI artifacts when using Intel Pin. Code from the ASIA CCS 2019 paper "SoK: Using Dynamic Binary Instrumentation for Secu…
  ☆22Updated 5 years ago
• pagabuc / kallsyms-extractor
  Tool to extract the kallsyms (System.map) from a memory dump
  ☆26Updated last year
• necst / arancino
  Arancino is a dynamic protection framework that defends Intel Pin against anti-instrumentation attacks.
  ☆72Updated 3 years ago
• Winbagility / Winbagility
  [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;
  ☆73Updated 5 years ago
• andreafioraldi / r2angrdbg
  Use angr inside the radare2 debugger. Create an angr state from the current debugger state.
  ☆34Updated 5 years ago
• lucamassarelli / yarasafe
  SAFE embeddings to match functions in yara
  ☆100Updated 5 years ago
• marcusbotacin / BranchMonitoringProject
  A branch-monitor-based solution for process monitoring.
  ☆133Updated 5 years ago
• Cisco-Talos / FIRST-server
  ☆32Updated 10 months ago
• bitdefender / libbdvmi
  ☆62Updated last year
• FSecureLABS / ViridianFuzzer
  Kernel driver to fuzz Hyper-V hypercalls
  ☆137Updated 6 years ago
• Frky / scat
  Dynamic analysis of binary programs to retrieve function-related information (arity, type of parameters, coupling).
  ☆67Updated 7 years ago
• upring / virtdbg
  Automatically exported from code.google.com/p/virtdbg
  ☆98Updated 9 years ago
• tandasat / WinIoCtlDecoder
  IDA Plugin which decodes Windows Device I/O control code into DeviceType, FunctionCode, AccessType and MethodType.
  ☆109Updated last year