mgeeky / ntfs-journal-viewerLinks
Utterly simple NTFS Journal dumping utility. Handy when it comes to Computer Forensics and Malware Forensics Ops.
☆38Updated 9 years ago
Alternatives and similar repositories for ntfs-journal-viewer
Users that are interested in ntfs-journal-viewer are comparing it to the libraries listed below
Sorting:
- A small library helping to parse commandline parameters (for C/C++)☆58Updated 7 months ago
- Windows Process Lockdown Tool using Job Objects☆70Updated 12 years ago
- Demos and presentation from SECArmy Village Grayhat 2020☆37Updated 2 years ago
- Another Portable Executable files analysing stuff☆21Updated 14 years ago
- Sysmon shenanigans☆66Updated 5 years ago
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection☆32Updated 5 years ago
- A ready-made template for a project based on libpeconv.☆51Updated last month
- Blocks drivers from loading by using a name collision technique. #nsacyber☆50Updated 8 years ago
- Evil Reflective DLL Injection Finder☆47Updated 7 years ago
- ☆20Updated 6 months ago
- An example of PE hollowing injection technique☆25Updated 6 years ago
- Blog posts☆29Updated 5 years ago
- This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files …☆32Updated 5 years ago
- 🔵 ethereum grid trading bot☆35Updated 2 months ago
- DLL Injection Library & Tools☆73Updated 9 years ago
- NT AUTHORITY\SYSTEM☆43Updated 5 years ago
- Parser for a custom executable formats from Hidden Bee and Rhadamanthys malware☆56Updated 4 months ago
- Windows x64 Process Scanner to detect application compatability shims☆37Updated 7 years ago
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems☆28Updated 7 years ago
- ☆64Updated last year
- Library for Windows XML Event Log (EVTX) data types☆18Updated last week
- Capture BAT is a behavioral analysis tool of applications for the Win32 operating system family.☆32Updated 12 years ago
- Proof of concept memory anti-forensic toolkit designed for hiding various artifacts inside the memory dump during memory acquisition on M…☆12Updated 6 years ago
- Code that can be used as a reference, library, or inspiration for hacking Windows memory.☆53Updated 5 years ago
- Collection of structures, prototype and examples for Microsoft Macro Assembler (MASM) x64.☆17Updated 5 years ago
- A minimal tool to extract shellcode from 64-bit PE binaries.☆51Updated 4 years ago
- A DLL that serves OutputDebugString content over a TCP connection☆35Updated 4 years ago
- PoC designed to evade userland-hooking anti-virus.☆90Updated 6 years ago
- Hides Process From Task Manager Using NT API Hooking (NtQuerySystemInformation)☆81Updated 2 years ago
- Ammyy v3 Source Code leak , with ❤️ <3☆40Updated 8 years ago