Alternatives and similar repositories for windd

Users that are interested in windd are comparing it to the libraries listed below

• firefart / UARTBruteForcer
  ☆18Updated 10 years ago
• Fleex255 / CustomShim
  Example/starter code for custom Windows application compatibility shims
  ☆38Updated 5 years ago
• MaKiPL / ASLR_disabler
  Disables ASLR flag IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE in IMAGE_OPTIONAL_HEADER on pre-compiled EXE. Works for both 32 and 64 bit Windo…
  ☆20Updated 5 years ago
• OSWatcher / windows-desktop
  History and analysis of Windows desktop images
  ☆19Updated 5 years ago
• horsicq / YARA-sort
  Yara sort
  ☆13Updated this week
• 4144414D / pytruecrypt
  Truecrypt volume parsing library
  ☆33Updated 5 years ago
• DissectMalware / xlrd2
  xlrd2 is a variant of xlrd that is actively maintained
  ☆23Updated last year
• slinderud / ghidra-config
  Ghidra consonance and make it more ida-ish
  ☆16Updated 6 years ago
• libyal / libhibr
  Library and tools to access the Windows Hibernation File (hiberfil.sys) format
  ☆13Updated last month
• EricZimmerman / SDB
  Parse Microsoft shim databases
  ☆32Updated last year
• tribalchicken / volatility-bitlocker
  Volatility plugin to extract BitLocker Full Volume Encryption Keys (FVEK)
  ☆70Updated 4 years ago
• pali / bmfdec
  Decompile binary MOF file (BMF) from WMI buffer
  ☆57Updated 2 years ago
• 0xf15h / docker_ghidra
  A Dockerized Ghidra Server
  ☆15Updated 5 years ago
• k3idii / ION
  Indicators of Normality
  ☆11Updated 3 years ago
• BjornRuytenberg / tcfp
  Thunderbolt Controller Firmware Patcher.
  ☆68Updated 3 years ago
• inflex / undark
  SQLite3 data extraction / undelete
  ☆65Updated 9 years ago
• ghecko / libsigrokdecoder_spi-tpm
  libsigrok stacked Protocol Decoder for TPM 2.0 & TPM 1.2 transactions from an SPI bus. BitLocker Volume Master Key (VMK) are automaticall…
  ☆25Updated 3 years ago
• ufrisk / MemProcFS-plugins
  ☆62Updated last year
• revolver-ocelot-saa / GhidraX64Dbg
  Extract annoations from Ghidra into an X32/X64 dbg database
  ☆57Updated 4 years ago
• jschicht / PowerMft
  Powerful commandline $MFT record editor.
  ☆25Updated 10 years ago
• 0xHasanM / Autopsy-Registry-Explorer
  Autopsy Module to analyze Registry Hives
  ☆15Updated 3 years ago
• jschicht / SetRegTime
  Registry timestamp manipulation
  ☆17Updated 11 years ago
• nccgroup / WindowsJobLock
  Windows Process Lockdown Tool using Job Objects
  ☆70Updated 12 years ago
• peterwintersmith / crystalaep
  Crystal Anti-Exploit Protection 2012
  ☆37Updated 5 years ago
• RealityNet / McAFuse
  Toolset to analyze disks encrypted with McAFee FDE technology
  ☆19Updated 4 years ago
• BjornRuytenberg / spiblock
  Configure SPI flash write protection.
  ☆24Updated 5 years ago
• mandiant / win10_auto
  ☆24Updated 6 years ago
• connormorley / OuterHaven-UEFI-exploitation-and-detection
  A standalone python script leveraging ntdll for UEFI variable enumeration. This uses elements from the "chipsec" toolkit for formatting w…
  ☆10Updated 2 years ago
• dhondta / AppmemDumper
  Forensics triage tool relying on Volatility and Foremost
  ☆25Updated 2 years ago
• crackinglandia / fuu
  [F]aster [U]niversal [U]npacker
  ☆60Updated 12 years ago