Alternatives and similar repositories for pythia:

Users that are interested in pythia are comparing it to the libraries listed below

• diversenok / TransactionMaster
  A tool for Windows that can make any program work within file-system transactions.
  ☆58Updated 4 years ago
• waleedassar / TimeDateStamp
  Discover TimeDateStamps In PE File
  ☆17Updated 9 years ago
• williballenthin / python-vb
  analysis of visual basic code
  ☆42Updated 7 years ago
• mrexodia / YaraGen
  Plugin for x64dbg to generate Yara rules from function basic blocks.
  ☆36Updated 7 years ago
• arizvisa / ndk
  A local copy of Alex Ionescu's seemingly abandoned native-nt-toolkit project containing knowledge inherited from the ReactOS project.
  ☆54Updated 5 years ago
• tpn / windows-nt-file-system-internals-book
  Source code on the 1.44MB 3.5 floppy accompanying the Windows NT File System Internals book.
  ☆16Updated 5 years ago
• danielplohmann / empty_msvc
  A collection of empty MSVC projects, compiled using various versions and configurations of Visual Studio.
  ☆32Updated 10 months ago
• williballenthin / siglib
  function identification signatures
  ☆12Updated 4 years ago
• zodiacon / InterceptionDemo
  Sample showing the use of CoGetInterceptor
  ☆21Updated 4 years ago
• mandiant / siglib
  ☆27Updated 3 years ago
• hMihaiDavid / hooks
  A DLL that performs IAT hooking
  ☆27Updated 6 years ago
• hasherezade / pin_n_sieve
  An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
  ☆60Updated 8 months ago
• crypto2011 / IDR64
  64-bit version of IDR (not complete, use as is)
  ☆42Updated 6 years ago
• andrew-boyarshin / LoaderWatch
  Windows 10 PE image loader (LDR) NTDLL component toolbox
  ☆49Updated 5 years ago
• bi-zone / rdtsc-checkvirt-poc
  Virtualization detection through speculative execution PoCs and papers
  ☆68Updated 6 years ago
• zyantific / zydis-go
  Pure Go bindings for Zydis.
  ☆11Updated 9 months ago
• mrfearless / PE-Library-x86
  PE Library x86
  ☆21Updated 5 years ago
• wbenny / EtwConsumerNT
  Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
  ☆140Updated 6 years ago
• hasherezade / tag_converter
  ☆22Updated 4 years ago
• hasherezade / pe_utils
  A set of small utilities, helpers for PIN tracers
  ☆33Updated last year
• Fyyre / directntapi
  DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10
  ☆52Updated last year
• vic4key / VB-Exe-Parser
  VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, …
  ☆16Updated 8 years ago
• relyze-ltd / plugins
  A repository of example plugins for Relyze Desktop.
  ☆34Updated 5 years ago
• archercreat / api-tracer
  api-tracer is a tiny (useless) tracer
  ☆14Updated 2 years ago
• OsandaMalith / ApiMon
  A simple API monitor for Windbg
  ☆63Updated 8 years ago
• hfiref0x / Misc
  Miscellaneous Code and Docs
  ☆81Updated last year
• red4000 / ZMIST
  Updated z0mbie MISTFALL engine
  ☆15Updated 7 years ago
• tyranid / DumpReparsePoints
  This is a simple tool to dump all the reparse points on an NTFS volume.
  ☆33Updated 4 years ago
• VergiliusProject / kernels-data
  Windows kernel PDB data parsed into YAML
  ☆36Updated 6 months ago
• AndreyBazhan / DbgPkg
  Scripts to prepare Windows system for debugging.
  ☆30Updated 4 years ago