Alternatives and similar repositories for cgaty

Users that are interested in cgaty are comparing it to the libraries listed below

• therealdreg / pdbdump_bochs

  View on GitHub
  Dump PDB Symbols including support for Bochs Debugging Format (with wine support)
  ☆14Aug 11, 2023Updated 2 years ago
• uf0o / rootkit-arsenal-guacamole

  View on GitHub
  An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples
  ☆74Apr 11, 2022Updated 3 years ago
• alfarom256 / UserVAtoPhysical

  View on GitHub
  Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address
  ☆23Nov 22, 2021Updated 4 years ago
• therealdreg / ida_bochs_windows

  View on GitHub
  Helper script for Windows kernel debugging with IDA Pro on native Bochs debugger (including PDB symbols)
  ☆62Aug 11, 2023Updated 2 years ago
• therealdreg / ida_vmware_windows_gdb

  View on GitHub
  Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)
  ☆68Aug 11, 2023Updated 2 years ago
• ntoskrnl7 / ldk

  View on GitHub
  Load Dll into Kernel space
  ☆39Aug 23, 2022Updated 3 years ago
• POPFD / HypervisorBase

  View on GitHub
  A library for intel VT-x hypervisor functionality supporting EPT shadowing.
  ☆51Mar 11, 2021Updated 4 years ago
• wizardengineer / krakensvm-mg

  View on GitHub
  A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P]
  ☆103Aug 3, 2023Updated 2 years ago
• ntoskrnl7 / crtsys

  View on GitHub
  C/C++ Runtime library for system file (Windows Kernel Driver) - Supports Microsoft STL
  ☆194Aug 27, 2022Updated 3 years ago
• elastic / PPLGuard

  View on GitHub
  ☆71Feb 6, 2025Updated last year
• ajkhoury / Errata1337

  View on GitHub
  ☆68Dec 17, 2020Updated 5 years ago
• xalicex / Unhook-Import-Address-Table

  View on GitHub
  Piece of code to detect and remove hooks in IAT
  ☆65May 30, 2022Updated 3 years ago
• Lima-X / Singularity

  View on GitHub
  x64 PE-COFF virtualization driven obfuscation engine
  ☆58Oct 14, 2022Updated 3 years ago
• KiFilterFiberContext / BadlionLogger

  View on GitHub
  kernel driver used to monitor the activity of BadlionAnticheat.sys by patching its IAT
  ☆33Jul 9, 2021Updated 4 years ago
• rad9800 / VehApiResolve

  View on GitHub
  ☆118Aug 7, 2022Updated 3 years ago
• sariaki / amd-hypervisor

  View on GitHub
  a minimalistic windows hypervisor for amd processors
  ☆138Jun 30, 2022Updated 3 years ago
• OrShazam / ChainEngine

  View on GitHub
  automates exploits using ROP chains, using ntdll-scraper
  ☆16May 26, 2022Updated 3 years ago
• kkent030315 / CiGetCertPublisherName

  View on GitHub
  An example code of CiGetCertPublisherName
  ☆17Mar 24, 2022Updated 3 years ago
• alfarom256 / MinifilterResearch

  View on GitHub
  ☆16Oct 31, 2022Updated 3 years ago
• namazso / PEDiffGen

  View on GitHub
  Subtract one PE file from another!
  ☆20Oct 1, 2021Updated 4 years ago
• therealdreg / symseghelper

  View on GitHub
  Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode
  ☆19Aug 11, 2023Updated 2 years ago
• bytewreck / hook-buster

  View on GitHub
  Proof-of-Concept software for detecting AV/EDR hooks in Windows libraries.
  ☆36May 12, 2022Updated 3 years ago
• cbwang505 / unicorn-whpx

  View on GitHub
  跨平台模拟执行unicorn框架基于Qemu的TCG模式(Tiny Code Generator),以无硬件虚拟化支持方式实现全系统的虚拟化,支持跨平台和架构的CPU指令模拟,本文讨论是一款笔者的实验性项目采用Windows Hypervisor Platform虚拟机模式…
  ☆78Dec 17, 2023Updated 2 years ago
• kouzhudong / libdrv

  View on GitHub
  Static Library For Windows Drivers
  ☆41Dec 13, 2025Updated 2 months ago
• fortra / CreateProcess

  View on GitHub
  A small PoC that creates processes in Windows
  ☆187Jun 6, 2024Updated last year
• Peribunt / VPGATHER

  View on GitHub
  Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …
  ☆53Dec 30, 2025Updated last month
• armasm / EasyAntiPatchGuard

  View on GitHub
  Easy Anti PatchGuard
  ☆223Apr 9, 2021Updated 4 years ago
• KiFilterFiberContext / warbird-obfuscator

  View on GitHub
  Integration of Microsoft Warbird with the MSVC compiler
  ☆129Jul 16, 2023Updated 2 years ago
• BehroozAbbassi / sdkffi

  View on GitHub
  A code parser for C-Style header files that lets you to parse function's prototypes and data types used in their parameters.
  ☆94Apr 17, 2022Updated 3 years ago
• yardenshafir / DpcWait

  View on GitHub
  Driver demonstrating how to register a DPC to asynchronously wait on an object
  ☆50Jan 15, 2021Updated 5 years ago
• Baron-von-Riedesel / WinInc

  View on GitHub
  Windows 32/64-bit Include files and Import Libraries
  ☆16May 26, 2022Updated 3 years ago
• rad9800 / WTSRM

  View on GitHub
  WTSRM
  ☆216Aug 7, 2022Updated 3 years ago
• KiFilterFiberContext / warbird-hook

  View on GitHub
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆265Aug 31, 2022Updated 3 years ago
• ytk2128 / pe32-password

  View on GitHub
  A simple password-based PE encryptor for Windows 32-bit executables.
  ☆51Jan 9, 2025Updated last year
• nccgroup / DetectWindowsCopyOnWriteForAPI

  View on GitHub
  Enumerate various traits from Windows processes as an aid to threat hunting
  ☆202Jan 13, 2022Updated 4 years ago
• zodiacon / WinSys

  View on GitHub
  C++ library for low-level Windows development
  ☆80Apr 12, 2024Updated last year
• sum-catnip / kptnhook

  View on GitHub
  windows kernelmode driver to inject dll into each and every process and perform systemwide function hooking
  ☆53Aug 28, 2022Updated 3 years ago
• can1357 / llvm-patches

  View on GitHub
  Personal curation of Clang/LLVM patches.
  ☆12Feb 27, 2021Updated 4 years ago
• muturikaranja / kernel-windowless-wndproc-hook

  View on GitHub
  hooks gServerHandlers xxxEventWndProc
  ☆13May 1, 2022Updated 3 years ago