Alternatives and similar repositories for d-time

Users that are interested in d-time are comparing it to the libraries listed below

• jackullrich / Windows-API-Fuzzer
  Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.
  ☆99Updated 5 years ago
• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆30Updated 2 years ago
• IOActive / kmdf_re
  Helper idapython code for reversing kmdf drivers
  ☆73Updated 3 years ago
• ionescu007 / hazmat5
  Local OXID Resolver (LCLOR) : Research and Tooling
  ☆35Updated 4 years ago
• bluefrostsecurity / Meltdown-KVA-Shadow-Leak
  ☆47Updated 5 years ago
• DownWithUp / IOCTL-Flooder
  IOCTL-Flooder is a verbose tool designed to help with Windows driver fuzzing by brute forcing IOCTLs on loaded drivers. GetLastError is u…
  ☆11Updated 6 years ago
• therealdreg / cgaty
  Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)
  ☆73Updated last year
• yardenshafir / MitigationFlagsCliTool
  Command like tool to print mitigation flags for running processes in a memory dump
  ☆47Updated 4 years ago
• vp777 / exploit-dev
  ☆11Updated 2 years ago
• k0keoyo / ksRPC_analysis_script
  ☆12Updated 5 years ago
• shamrockhoax / mazedecoder
  ☆28Updated 5 years ago
• polakow / WindowsBypassSMEP
  Example for PagedOut!
  ☆25Updated 5 years ago
• ucsb-seclab / popkorn-artifact
  ☆71Updated 2 years ago
• trailofbits / WinDbg-JS
  ☆25Updated last year
• SouhailHammou / Drivers
  Windows Drivers
  ☆99Updated 6 years ago
• SinaKarvandi / windbg2ida
  Windbg2ida lets you dump each step in Windbg then shows these steps in IDA
  ☆75Updated last year
• d00rt / ebfuscator
  Ebfuscator: Abusing system errors for binary obfuscation
  ☆52Updated 5 years ago
• yardenshafir / CallbackObjectAnalyzer
  Dumps information about all the callback objects found in a dump file and the functions registered for them
  ☆36Updated 4 years ago
• hasherezade / pin_n_sieve
  An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
  ☆60Updated 11 months ago
• airbus-cert / etwbreaker
  An IDA plugin to deal with Event Tracing for Windows (ETW)
  ☆55Updated 3 years ago
• VoidSec / ioctlpus
  IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).
  ☆92Updated 3 years ago
• mobdk / CloneProcess
  Clone running process with ZwCreateProcess
  ☆58Updated 4 years ago
• benoitsevens / applying-ttd-to-malware-analysis
  Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019
  ☆42Updated 5 years ago
• BehroozAbbassi / DriverAnalyzer
  A static analysis tool that helps security researchers scan a list of Windows kernel drivers for common vulnerability patterns in drivers…
  ☆69Updated 3 years ago
• ch3rn0byl / WinDbg-Extensions
  ☆18Updated 4 years ago
• 86hh / DreamLoader
  Simple 32/64-bit PEs loader.
  ☆138Updated 6 years ago
• ulexec / EmotetCFU
  WIP Emotet Control Flow Unflattening using miasm and radare2
  ☆23Updated 2 years ago
• DownWithUp / CVE-Stockpile
  Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.
  ☆49Updated 4 years ago
• OsandaMalith / PESecInfo
  A simple tool to view important DLL Characteristics and change DEP and ASLR
  ☆44Updated 6 years ago
• mathisvickie / CVE-2021-21551
  arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system
  ☆57Updated 3 years ago