Alternatives and similar repositories for mcp-windbg

Users that are interested in mcp-windbg are comparing it to the libraries listed below

• NadavLor / windbg-ext-mcp

  View on GitHub
  WinDbg-ext-MCP bridges your favorite LLM client (like Cursor, Claude, or VS Code) with WinDbg, enabling real-time, AI assisted kernel deb…
  ☆71Sep 10, 2025Updated 5 months ago
• Air14 / SourceSync

  View on GitHub
  Set of plugins and library for dynamic pdb generation and synchronisation
  ☆37May 3, 2024Updated last year
• AaLl86 / WindowsInternals

  View on GitHub
  Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book
  ☆115Jun 30, 2024Updated last year
• wbenny / EtwConsumerNT

  View on GitHub
  Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
  ☆146Feb 23, 2019Updated 6 years ago
• 0vercl0k / symbolizer-rs

  View on GitHub
  A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries.
  ☆100Jan 3, 2026Updated last month
• yardenshafir / WinDbg_Scripts

  View on GitHub
  Useful scripts for WinDbg using the debugger data model
  ☆429Mar 27, 2024Updated last year
• microsoft / MSO-Scripts

  View on GitHub
  Set of scripts for performance investigations on Windows.
  ☆32Dec 17, 2025Updated last month
• ViperXSecurity / lib-nosa

  View on GitHub
  lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
  ☆120Sep 8, 2024Updated last year
• microsoft / ndis-driver-library

  View on GitHub
  Code to make it easier to write an NDIS network driver on Windows
  ☆92Oct 1, 2023Updated 2 years ago
• snowsnowsnows / EagleVM

  View on GitHub
  Native code virtualizer for x64 binaries
  ☆514Dec 20, 2024Updated last year
• hasherezade / waiting_thread_hijacking

  View on GitHub
  Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread
  ☆262Aug 31, 2025Updated 5 months ago
• pathtofile / Sealighter

  View on GitHub
  Sysmon-Like research tool for ETW
  ☆384Nov 15, 2022Updated 3 years ago
• ricardojoserf / w11_shadow_copies

  View on GitHub
  Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11
  ☆81Jan 26, 2026Updated 2 weeks ago
• Y3A / winkafl

  View on GitHub
  Static binary instrumentation for windows kernel drivers, to use with winafl
  ☆81Feb 5, 2025Updated last year
• 0vercl0k / kdmp-parser

  View on GitHub
  A Windows kernel dump C++ parser library with Python 3 bindings.
  ☆213Oct 5, 2025Updated 4 months ago
• zodiacon / EtwExplorer

  View on GitHub
  View ETW Provider manifest
  ☆570Nov 1, 2024Updated last year
• BeneficialCode / WinArk

  View on GitHub
  Windows Anti-Rootkit Tool
  ☆542Dec 31, 2025Updated last month
• rasta-mouse / KerbApp

  View on GitHub
  ☆32Jun 1, 2024Updated last year
• mannyfred / MentalTi

  View on GitHub
  Mentally ill EtwTi parser
  ☆66Jan 11, 2026Updated last month
• kleiton0x00 / Proxy-DLL-Loads

  View on GitHub
  A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
  ☆408Jan 11, 2026Updated last month
• thezdi / binaryninja

  View on GitHub
  binary ninja related code
  ☆37Mar 27, 2025Updated 10 months ago
• microsoft / pdb-rs

  View on GitHub
  Tools and documents for working with Microsoft PDB files, in Rust
  ☆56Jan 30, 2026Updated 2 weeks ago
• jdu2600 / Windows10EtwEvents

  View on GitHub
  Events from all manifest-based and mof-based ETW providers across Windows 10 versions
  ☆329May 2, 2024Updated last year
• repnz / etw-providers-docs

  View on GitHub
  Document ETW providers
  ☆267Mar 28, 2020Updated 5 years ago
• antonioCoco / MalSeclogon

  View on GitHub
  A little tool to play with the Seclogon service
  ☆328Jul 10, 2022Updated 3 years ago
• jdu2600 / EtwTi-FluctuationMonitor

  View on GitHub
  Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections
  ☆166May 17, 2023Updated 2 years ago
• AmitMoshel1 / PatchGuardEncryptorDriver

  View on GitHub
  A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.
  ☆78Mar 29, 2025Updated 10 months ago
• TwoSevenOneT / WSASS

  View on GitHub
  This is the tool to dump the LSASS process on modern Windows 11
  ☆555Nov 1, 2025Updated 3 months ago
• microsoft / WinDbg-Samples

  View on GitHub
  Sample extensions, scripts, and API uses for WinDbg.
  ☆810Dec 27, 2025Updated last month
• JanielDary / ImmoralFiber

  View on GitHub
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆280Sep 18, 2024Updated last year
• DebugPrivilege / InsightEngineering

  View on GitHub
  Hardcore Debugging
  ☆929Jan 6, 2026Updated last month
• 0xcpu / WinAltSyscallHandler

  View on GitHub
  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
  ☆239Nov 6, 2019Updated 6 years ago
• ig-labs / defender-mpengine-fuzzing

  View on GitHub
  Fuzzing Harness and Unpatched Crash Results from Fuzzing Defender MpEngine
  ☆39Jul 29, 2025Updated 6 months ago
• PhantomSecurityGroup / Intro-to-EDR-Evasion

  View on GitHub
  CyberShield 2025 Intro to EDR Evasion Class
  ☆17Jun 3, 2025Updated 8 months ago
• 0xTriboulet / emerald_template

  View on GitHub
  A cmake template for crystal palace
  ☆38Dec 20, 2025Updated last month
• hfiref0x / WinDepends

  View on GitHub
  Windows Dependencies
  ☆638Feb 4, 2026Updated last week
• Teach2Breach / stargate

  View on GitHub
  Locate dlls and function addresses without PEB Walk and EAT parsing
  ☆104Nov 7, 2025Updated 3 months ago
• jdu2600 / API-To-ETW

  View on GitHub
  Uses ghidra to find all ETW write metadata for each API in a PE file
  ☆27Jul 26, 2024Updated last year
• djolertrk / kovid-obfuscation-passes

  View on GitHub
  A set of LLVM and GCC based plugins that perform code obfuscation.
  ☆138Oct 20, 2025Updated 3 months ago