Alternatives and similar repositories for d-time:

Users that are interested in d-time are comparing it to the libraries listed below

• jackullrich / Windows-API-Fuzzer
  Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.
  ☆97Updated 4 years ago
• yardenshafir / MitigationFlagsCliTool
  Command like tool to print mitigation flags for running processes in a memory dump
  ☆46Updated 4 years ago
• bluefrostsecurity / Meltdown-KVA-Shadow-Leak
  ☆45Updated 4 years ago
• IOActive / kmdf_re
  Helper idapython code for reversing kmdf drivers
  ☆72Updated 2 years ago
• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆28Updated last year
• ulexec / EmotetCFU
  WIP Emotet Control Flow Unflattening using miasm and radare2
  ☆23Updated 2 years ago
• vp777 / exploit-dev
  ☆11Updated 2 years ago
• ionescu007 / hazmat5
  Local OXID Resolver (LCLOR) : Research and Tooling
  ☆34Updated 3 years ago
• idiom / stackstack
  ☆31Updated 2 years ago
• ucsb-seclab / popkorn-artifact
  ☆67Updated 2 years ago
• therealdreg / cgaty
  Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)
  ☆70Updated last year
• airbus-cert / etwbreaker
  An IDA plugin to deal with Event Tracing for Windows (ETW)
  ☆52Updated 2 years ago
• h0mbre / ioctl.py
  ☆20Updated 5 years ago
• hasherezade / pe_utils
  A set of small utilities, helpers for PIN tracers
  ☆31Updated last year
• ihack4falafel / ROR13HashGenerator
  C# implementation to produce ROR-13 numeric hash for given function API name
  ☆31Updated 5 years ago
• shamrockhoax / mazedecoder
  ☆28Updated 4 years ago
• polakow / WindowsBypassSMEP
  Example for PagedOut!
  ☆24Updated 5 years ago
• hasherezade / pin_n_sieve
  An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
  ☆59Updated 7 months ago
• FuzzySecurity / BulkBindex
  Winbindex bot to pull in binaries for specific releases
  ☆47Updated last year
• redplait / armpatched
  clone of armadillo patched for windows
  ☆47Updated 5 months ago
• VoidSec / ioctlpus
  IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).
  ☆88Updated 3 years ago
• ch3rn0byl / WinDbg-Extensions
  ☆18Updated 4 years ago
• DimopoulosElias / Primitives
  ☆31Updated 4 years ago
• eurecom-s3 / loaders_modeling
  ☆24Updated 2 years ago
• malware-kitten / shellcode_hashes
  A collection of shellcode hashes
  ☆17Updated 6 years ago
• SinaKarvandi / x64-Driver-Inline-Assembly
  This is a simple driver with x64 inline assembly
  ☆54Updated 4 years ago
• hidd3ncod3s / WindowsAPIhash
  Windows API Hashes used in the malwares
  ☆41Updated 9 years ago
• therealdreg / windbgtocstruct
  Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…
  ☆26Updated last year
• yardenshafir / CallbackObjectAnalyzer
  Dumps information about all the callback objects found in a dump file and the functions registered for them
  ☆35Updated 4 years ago
• k0keoyo / ksRPC_analysis_script
  ☆12Updated 4 years ago