Alternatives and similar repositories for ntfs-journal-viewer

Users that are interested in ntfs-journal-viewer are comparing it to the libraries listed below

• Harvester57 / CodeIntegrity-DriverBlocklist
  ☆20Updated 7 months ago
• aelth / dementia-forensics
  Proof of concept memory anti-forensic toolkit designed for hiding various artifacts inside the memory dump during memory acquisition on M…
  ☆13Updated 6 years ago
• libyal / libfwevt
  Library for Windows XML Event Log (EVTX) data types
  ☆18Updated last month
• nccgroup / WindowsJobLock
  Windows Process Lockdown Tool using Job Objects
  ☆70Updated 12 years ago
• hasherezade / hidden_bee_tools
  Parser for a custom executable formats from Hidden Bee and Rhadamanthys malware
  ☆58Updated 5 months ago
• mgeeky / PEInfo
  Another Portable Executable files analysing stuff
  ☆21Updated 14 years ago
• Jyang772 / HideProcessHookMDL
  A simple rootkit to hide a process
  ☆47Updated 12 years ago
• psmitty7373 / eif
  Evil Reflective DLL Injection Finder
  ☆47Updated 7 years ago
• NtRaiseHardError / Sysmon
  Sysmon shenanigans
  ☆66Updated 5 years ago
• 0xZ0F / CPPMemory
  Code that can be used as a reference, library, or inspiration for hacking Windows memory.
  ☆53Updated 5 years ago
• zodiacon / NativeApps
  Demos and presentation from SECArmy Village Grayhat 2020
  ☆37Updated 2 years ago
• hasherezade / paramkit
  A small library helping to parse commandline parameters (for C/C++)
  ☆58Updated 8 months ago
• nettitude / DLLInjection
  DLL Injection Library & Tools
  ☆73Updated 9 years ago
• zodiacon / DeviceExplorer
  ☆58Updated last month
• MathildeVenault / SysMainView
  This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files …
  ☆32Updated 5 years ago
• zodiacon / Blog
  Blog posts
  ☆29Updated 5 years ago
• nsacyber / Driver-Collider
  Blocks drivers from loading by using a name collision technique. #nsacyber
  ☆50Updated 8 years ago
• 0xeb / WinTools
  A collection of free miscellaneous Windows tools
  ☆142Updated 6 months ago
• ufrisk / shellcode64
  A minimal tool to extract shellcode from 64-bit PE binaries.
  ☆51Updated 4 years ago
• hasherezade / pe_utils
  A set of small utilities, helpers for PIN tracers
  ☆35Updated 3 months ago
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆51Updated 2 months ago
• hasherezade / loaderine
  A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.
  ☆22Updated 7 years ago
• mgeeky / PE-library
  Lightweight Portable Executable parsing library and a demo peParser application.
  ☆80Updated 3 years ago
• kusano / ntfsdump
  Extract files from NTFS Volume
  ☆33Updated 4 years ago
• KbaHaxor / Ammyy-v3
  Ammyy v3 Source Code leak , with ❤️ <3
  ☆41Updated 9 years ago
• MandConsultingGroup / ring3-kit
  Hides Process From Task Manager Using NT API Hooking (NtQuerySystemInformation)
  ☆80Updated 3 years ago
• connormcgarr / Kernel-Escalation-of-Privileges-Payloads
  NT AUTHORITY\SYSTEM
  ☆43Updated 5 years ago
• rbmm / partial
  d
  ☆14Updated 4 months ago
• zodiacon / BITSManager
  BITS Transfers Manager
  ☆45Updated 8 months ago
• nccgroup / WindowsMemPageDelta
  A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection
  ☆32Updated 5 years ago