Alternatives and similar repositories for regfanalysistools

Users that are interested in regfanalysistools are comparing it to the libraries listed below

• apriorit / antirootkit-anti-splicer
  The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers
  ☆35Updated 8 years ago
• AzureGreen / WinNT-Learning
  Notes my learning steps about Windows-NT
  ☆23Updated 8 years ago
• apriorit / Simple-Antirootkit-SST-Unhooker
  This is a demo project to illustrate the way to verify and restore original SST in case of some malware hooks
  ☆33Updated 8 years ago
• cloudbase / HyperVPCapExt
  Hyper-V virtual switch packet capturing extension with libpcap / Wireshark format
  ☆13Updated 11 years ago
• OSRDrivers / deleteex
  Demonstrate the new FileDispositionInfoEx behavior
  ☆14Updated 7 years ago
• gerhart01 / HyperV-sockets
  Hyper-V sockets
  ☆29Updated 8 years ago
• zodiacon / ObjectBrowser
  An alternative tool to Sysinternals WinObj tool (nicer icons!)
  ☆37Updated 7 years ago
• ghonsa / DeviceDmp
  Windows device tree walker
  ☆15Updated 7 years ago
• JohnnyLChang / MBRProtector
  ☆14Updated 8 years ago
• 0xdabbad00 / OpenHIPS
  OpenHIPS prevents exploitation of Windows systems
  ☆35Updated 12 years ago
• Cr4sh / IDA-UbiGraph
  IDA Pro plug-in and tools for displaying 3D graphs of procedures using UbiGraph
  ☆26Updated 12 years ago
• hailehong95 / practice-maldev
  Common Malware Techniques
  ☆13Updated 2 years ago
• wes4m / unHooker
  Kernel (Ring0) - SSDT unhook driver
  ☆15Updated 7 years ago
• Nukem9 / VMWareClient
  Reverse engineered vmware workstation code to aid in kernel debugging.
  ☆14Updated 9 years ago
• mq1n / ForceThreadSuspend
  Windows hidden thread suspend POC with code injection
  ☆12Updated 8 years ago
• after1990s / InjectSolution
  ☆12Updated 10 years ago
• Darkabode / amte
  Analysis and Modification Tool for Executables
  ☆17Updated 6 years ago
• EvilKnight1986 / Simrep
  windows kernel File redirection
  ☆20Updated 11 years ago
• mgeeky / prc_xchk
  User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.
  ☆19Updated 9 years ago
• Microwave89 / win7-x64-ndk
  Native Development Kit for Vista 64bit And Later, by me, Based on NDK Headers 1.0, by Alex Ionescu
  ☆17Updated 9 years ago
• Sha0 / winkexec
  Windows KExec
  ☆25Updated 15 years ago
• coldshell / IDA-appcall
  ☆13Updated 8 years ago
• emc2314 / PEZEncrypt
  PE Infector/Cryptor source code
  ☆16Updated 8 years ago
• stonedreamforest / ChangCheng
  对windows-api内容进行自动审查和过滤监控
  ☆14Updated 8 years ago
• wolk-1024 / WoW64Utils
  WoW64 -> x64
  ☆19Updated 9 years ago
• aaaddress1 / APCInjector-BYPASS-AV
  ☆19Updated 10 years ago
• BrunoMCBraga / Kernel-Whisperer
  ☆29Updated 4 years ago
• rwfpl / rewolf-ldrdebug
  Helper utility for debugging windows PE/PE+ loader.
  ☆52Updated 10 years ago
• Rprop / packetbuilder
  an efficient yet easy to use network packet builder and parser
  ☆11Updated 8 years ago
• zodiacon / ObjDir
  Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory.
  ☆21Updated 2 years ago