Alternatives and similar repositories for regfanalysistools:

Users that are interested in regfanalysistools are comparing it to the libraries listed below

• OSRDrivers / deleteex
  Demonstrate the new FileDispositionInfoEx behavior
  ☆14Updated 7 years ago
• zodiacon / AccessMask
  ☆19Updated 5 years ago
• zodiacon / ObjDir
  Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory.
  ☆20Updated last year
• zodiacon / ErrorLookup
  Simple error lookup for Win32 and NTSTATUS errors
  ☆19Updated 6 years ago
• cloudbase / HyperVPCapExt
  Hyper-V virtual switch packet capturing extension with libpcap / Wireshark format
  ☆12Updated 10 years ago
• rbmm / SearchEx
  D00
  ☆6Updated 3 years ago
• ZaneLogi / DevConWin
  A tool to investigate the Windows device manager
  ☆14Updated 6 years ago
• apriorit / antirootkit-anti-splicer
  The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers
  ☆34Updated 8 years ago
• therealdreg / auxlib
  Full reversing of the Microsoft Auxiliary Windows API Library and ported to C
  ☆23Updated 4 months ago
• sin5678 / wow64hook
  wow64 syscall filter
  ☆13Updated 10 years ago
• ghonsa / DeviceDmp
  Windows device tree walker
  ☆15Updated 6 years ago
• xenserver / win-xenvif
  XenServer Windows Virtual Network Interface Device Driver
  ☆12Updated 7 years ago
• zodiacon / winsta
  Show Window Stations, Desktops and top level windows
  ☆15Updated last year
• mgeeky / prc_xchk
  User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.
  ☆19Updated 9 years ago
• Rprop / packetbuilder
  an efficient yet easy to use network packet builder and parser
  ☆11Updated 7 years ago
• Mirraz / regparser
  Windows registry files interactive viewer
  ☆9Updated 7 years ago
• mq1n / ForceThreadSuspend
  Windows hidden thread suspend POC with code injection
  ☆12Updated 7 years ago
• AzureGreen / WinNT-Learning
  Notes my learning steps about Windows-NT
  ☆23Updated 7 years ago
• after1990s / InjectSolution
  ☆12Updated 10 years ago
• BrunoMCBraga / Kernel-Whisperer
  ☆28Updated 4 years ago
• killswitch-GUI / IsDebuggerPresent
  Debugger checks in 3 ways
  ☆18Updated 7 years ago
• zodiacon / SrvDrv
  Services and Drivers control application
  ☆19Updated 7 years ago
• DownWithUp / WhoCalls_C
  WhoCalls can query a directory of files, find the binaries, and search for a user specified Win API import. It and works with both 32-bit…
  ☆17Updated 2 years ago
• zodiacon / RegistryExplorer
  ☆21Updated 7 years ago
• OSRDrivers / tunnel
  Demonstrate the behavior of the tunnel cache on Windows
  ☆9Updated 5 years ago
• strobejb / injdll
  DLL Injection commandline utility
  ☆26Updated 12 years ago
• Darkabode / amte
  Analysis and Modification Tool for Executables
  ☆16Updated 6 years ago
• pustladi / TrueCrypt-7.2
  TrueCrypt 7.2 — (Source Codes)
  ☆8Updated 8 years ago
• conix-security / MLBT
  MBR manipulation tool
  ☆17Updated 11 years ago
• floomby / injector
  does reflective dll injection
  ☆8Updated 11 years ago