Alternatives and similar repositories for ForensicsTools_Kaspersky

Users that are interested in ForensicsTools_Kaspersky are comparing it to the libraries listed below

• connormcgarr / Kernel-Escalation-of-Privileges-Payloads
  NT AUTHORITY\SYSTEM
  ☆38Updated 5 years ago
• SafeBreach-Labs / CoWTools
  Tools for analyzing Windows containers and break container's isolation
  ☆32Updated 2 years ago
• shubham0d / SymBlock
  A windows kernel driver to Block symbolic link exploit used for privilege escalation.
  ☆14Updated 4 years ago
• NUL0x4C / T.D.P.
  Using Thread Description To Hide Shellcodes
  ☆14Updated 2 years ago
• decoder-it / CreateTokenExample
  ☆18Updated 6 years ago
• Andy53 / ERC.net
  A collection of tools for debugging Windows application crashes.
  ☆15Updated 2 years ago
• connormcgarr / Presentations
  ☆28Updated 8 months ago
• gabriellandau / CISpotter
  Code Integrity Violation Spotter
  ☆16Updated last year
• XaFF-XaFF / Assembler-MessageBox
  An Assembly x86 code that shows Windows MessageBox kept as simple as possible.
  ☆11Updated 2 years ago
• Yaxser / Itaskhandler
  Implementation of ITaskHandler in C++
  ☆13Updated 2 years ago
• D4rthMaulCop / DarthNetLoader
  ☆15Updated last year
• 7eRoM / elam
  A Practical example of ELAM (Early Launch Anti-Malware)
  ☆34Updated 3 years ago
• am0nsec / masm64
  Collection of structures, prototype and examples for Microsoft Macro Assembler (MASM) x64.
  ☆16Updated 4 years ago
• Harvester57 / CodeIntegrity-DriverBlocklist
  ☆20Updated last month
• yo-yo-yo-jbo / anti_debugging_intro
  ☆25Updated 2 years ago
• yardenshafir / conference_talks
  Slides from various conference talks
  ☆37Updated 2 years ago
• rbmm / partial
  d
  ☆13Updated last year
• NtRaiseHardError / Windows-Binary-Exploitation
  Resources from my journey into Windows binary exploitation
  ☆23Updated 6 years ago
• namazso / PEDiffGen
  Subtract one PE file from another!
  ☆22Updated 3 years ago
• DimopoulosElias / Primitives
  ☆31Updated 4 years ago
• williamknows / CodeCoverageModuleStomping
  ☆12Updated 5 years ago
• XaFF-XaFF / WinREPL
  WinREPL is a "read-eval-print loop" shell on Windows that is useful for testing/learning x86 and x64 assembly.
  ☆17Updated 2 years ago
• therealdreg / Win.Cerdalux
  WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs
  ☆18Updated last year
• cocomelonc / 2022-01-24-malware-injection-15
  Process injection via KernelCallbackTable
  ☆14Updated 3 years ago
• 0vercl0k / inject
  Yet another Windows DLL injector.
  ☆39Updated 3 years ago
• mgeeky / PEInfo
  Another Portable Executable files analysing stuff
  ☆21Updated 14 years ago
• aaaddress1 / masqueradeCmdline
  A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.
  ☆40Updated 4 years ago
• jaamaal / Embed
  Adapt practically persistence steadiness strategies working at Windows 10 utilized by sponsored nation-state threat actors, as Turla, Pro…
  ☆22Updated 4 years ago
• Flawww / NtSyscaller
  Manually perform syscalls without going through any external API or DLL.
  ☆19Updated 2 years ago
• AsuNa-jp / HotkeybasedKeyloggerDetector
  ☆19Updated 4 months ago