rsa9000 / regfanalysistools

Related projects ⓘ

Alternatives and complementary repositories for regfanalysistools

• OSRDrivers / deleteex
  Demonstrate the new FileDispositionInfoEx behavior
  ☆15Updated 7 years ago
• apriorit / antirootkit-anti-splicer
  The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers
  ☆34Updated 7 years ago
• zodiacon / AccessMask
  ☆18Updated 5 years ago
• ZaneLogi / DevConWin
  A tool to investigate the Windows device manager
  ☆14Updated 5 years ago
• zodiacon / ObjDir
  Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory.
  ☆19Updated last year
• BrunoMCBraga / Kernel-Whisperer
  ☆27Updated 3 years ago
• zodiacon / ErrorLookup
  Simple error lookup for Win32 and NTSTATUS errors
  ☆17Updated 5 years ago
• AzureGreen / WinNT-Learning
  Notes my learning steps about Windows-NT
  ☆22Updated 7 years ago
• weixu8 / RegistryMonitor
  Formely KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun l…
  ☆21Updated 10 years ago
• killswitch-GUI / IsDebuggerPresent
  Debugger checks in 3 ways
  ☆20Updated 6 years ago
• Darkabode / amte
  Analysis and Modification Tool for Executables
  ☆16Updated 5 years ago
• therealdreg / auxlib
  Full reversing of the Microsoft Auxiliary Windows API Library and ported to C
  ☆23Updated last year
• lowleveldesign / lldext
  My commands and scripts extending WinDbg
  ☆28Updated 2 months ago
• DownWithUp / WhoCalls_C
  WhoCalls can query a directory of files, find the binaries, and search for a user specified Win API import. It and works with both 32-bit…
  ☆17Updated 2 years ago
• ghonsa / DeviceDmp
  Windows device tree walker
  ☆15Updated 6 years ago
• cloudbase / HyperVPCapExt
  Hyper-V virtual switch packet capturing extension with libpcap / Wireshark format
  ☆12Updated 10 years ago
• pustladi / TrueCrypt-7.2
  TrueCrypt 7.2 — (Source Codes)
  ☆8Updated 7 years ago
• mq1n / ForceThreadSuspend
  Windows hidden thread suspend POC with code injection
  ☆12Updated 7 years ago
• xenserver / win-xenvif
  XenServer Windows Virtual Network Interface Device Driver
  ☆12Updated 7 years ago
• mgeeky / prc_xchk
  User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.
  ☆18Updated 8 years ago
• yisonPylkita / powershell_cpp
  PowerShell interpreter for unmanaged (non CLI) C++ projects
  ☆16Updated 7 years ago
• OSRDrivers / tunnel
  Demonstrate the behavior of the tunnel cache on Windows
  ☆9Updated 5 years ago
• zodiacon / SrvDrv
  Services and Drivers control application
  ☆18Updated 7 years ago
• binbibi / libedge
  Microsoft Edge Microsoft Edge主页算法
  ☆18Updated 5 years ago
• zodiacon / ObjectBrowser
  An alternative tool to Sysinternals WinObj tool (nicer icons!)
  ☆34Updated 6 years ago
• papadp / shd
  Ssdt Hook Detection tool
  ☆12Updated 7 years ago
• JKornev / NTlib
  Static library and headers for linking your software with ntdll.dll
  ☆30Updated 4 years ago
• MechanicsMingYan / MProtect
  ☆13Updated 7 years ago