Alternatives and similar repositories for libfwevt:

Users that are interested in libfwevt are comparing it to the libraries listed below

• hailehong95 / practice-maldev
  Common Malware Techniques
  ☆13Updated 2 years ago
• stolenbytes / apcforthewin
  ☆16Updated 7 years ago
• conix-security / debug_inject
  Shellcode injection using debugging APIs
  ☆19Updated 11 years ago
• securesean / Shim-Process-Scanner
  Windows x64 Process Scanner to detect application compatability shims
  ☆37Updated 6 years ago
• majdi / deadlands
  🐧 A simple kernel-level rootkit
  ☆20Updated 9 years ago
• matteomattia / moo_rootkit
  it's a simple LKM rootkit.
  ☆12Updated 8 years ago
• mandiant / win10_auto
  ☆24Updated 5 years ago
• yardenshafir / CallbackObjectAnalyzer
  Dumps information about all the callback objects found in a dump file and the functions registered for them
  ☆35Updated 4 years ago
• killswitch-GUI / Winsock-PCAP
  C++ WinSock2 PCAP with RDI
  ☆13Updated 8 years ago
• DissectMalware / npp-langs-4-sec
  Notepad++ Syntax Highlighting for Languages Used by Cyber Security Professionals
  ☆15Updated 4 years ago
• tyranid / setsidmapping
  Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings.
  ☆23Updated 4 years ago
• rbmm / SearchEx
  D00
  ☆6Updated 3 years ago
• theevilbit / vaccination
  ☆10Updated 7 years ago
• 0xcpu / exthost
  A POC for Windows Extension Host hooking
  ☆22Updated 5 years ago
• rbertin / basic-rootkit
  just a basic rootkit for learning how to playing sys_call_table
  ☆14Updated 8 years ago
• coldshell / IDA-appcall
  ☆13Updated 7 years ago
• nccgroup / WindowsPatchDetector
  Experimental Windows .text section Patch Detector
  ☆21Updated 10 years ago
• ambray / DotNetReflectiveLoading
  ☆32Updated 8 years ago
• smgorelik / CIGslip
  A new binary injection technique, can easily go through any #CIG protected process and slip through all possible defenses without any inj…
  ☆18Updated 7 years ago
• Tera0017 / SDBbot-Unpacker
  SDBbot Unpacker Python 2.7
  ☆9Updated 4 years ago
• deroko / SPPLUAObjectUacBypass
  ☆45Updated 6 years ago
• d35ha / xKeLogger
  Kernel mode windows NT API logger
  ☆22Updated 5 years ago
• hasherezade / tag_converter
  ☆22Updated 4 years ago
• glinares / CSCGuard
  Protects and logs suspicious and malicious usage of .NET CSC.exe and Runtime C# Compilation
  ☆25Updated 7 years ago
• deroko / activationcontexthook
  ☆33Updated 7 years ago
• 3gstudent / SCTPersistence
  Create COM Objects backed by Scripts, not DLLs
  ☆9Updated 7 years ago
• Microwave89 / injector
  Code Injector Using Code Caves
  ☆14Updated 9 years ago
• nccgroup / WindowsMemPageDelta
  A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection
  ☆31Updated 4 years ago
• dsnezhkov / HandsFreeCOM
  Self-Loading Registration Free COM Functions
  ☆11Updated 5 years ago
• d35ha / RunPE
  An example of PE hollowing injection technique
  ☆23Updated 5 years ago