Alternatives and similar repositories for WHP-simple

Users that are interested in WHP-simple are comparing it to the libraries listed below

• kukrimate / grr
  AMD SVM hypervisor rootkit proof of concept
  ☆48Updated last year
• Colton1skees / WinTTD
  Reverse engineered API for Microsoft's Time Travel Debugger
  ☆34Updated last year
• OALabs / ZVM
  Disassembler for Zeus VM custom instruction set
  ☆28Updated last year
• BehroozAbbassi / sdkffi
  A code parser for C-Style header files that lets you to parse function's prototypes and data types used in their parameters.
  ☆94Updated 3 years ago
• Toroto006 / windows-kernel-driver-pipeline
  This master thesis project continuously collects and analyses Microsoft Windows kernel drivers using static and dynamic methods to help s…
  ☆20Updated 8 months ago
• b-irb / sauron
  Simple Intel VT-x type-2 hypervisor for 64-bit Linux.
  ☆19Updated 4 years ago
• leandrofroes / bn_ifl
  IFL - Interactive Functions List (plugin for Binary Ninja)
  ☆24Updated last year
• cassanof / safe-llvm
  LLVM Without The ROP Gadgets!
  ☆26Updated last year
• Nadharm / CoVirt
  A dynamically loadable virtual-machine based rootkit designed for Linux Kernel v5.13.0 using AMD-V (SVM).
  ☆29Updated 3 years ago
• DenuvoSoftwareSolutions / DVRT
  How Meltdown and Spectre haunt Anti-Cheat: DVRT details
  ☆21Updated 10 months ago
• archercreat / llvm_stuff
  LLVM based devirtualization PoC’s.
  ☆21Updated 3 years ago
• intel / unicorn-for-efi
  Unicorn Engine port for UEFI firmware
  ☆45Updated 3 months ago
• therealdreg / windbgtocstruct
  Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…
  ☆26Updated last year
• Signal-Labs / FileHook
  ☆29Updated 4 years ago
• jeperez / WinREPL
  x86 and x64 assembly "read-eval-print loop" for Windows
  ☆29Updated 7 years ago
• 3intermute / hvICE
  hypervisor enforced patch protection for the linux kernel with xen + libvmi, libvmi KASLR offset spoofer
  ☆33Updated last year
• fvrmatteo / oracle-synthesis-meets-equality-saturation
  ☆25Updated last month
• redplait / armpatched
  clone of armadillo patched for windows
  ☆47Updated 8 months ago
• samrussell / vmprotect_binja_plugin
  Binary Ninja plugin for automating VMProtect analysis
  ☆61Updated 2 years ago
• POPFD / cascade
  A thin introspection hypervisor framework that allows for low level resource manipulation.
  ☆13Updated last year
• irql / nokd
  reverse engineering of the windows nt kernel debugger protocol & reimplementation.
  ☆26Updated last year
• malware-unicorn / pteroioctl-hook
  A driver to implement IOCTL hooking
  ☆24Updated 3 years ago
• Air14 / SmmLoader
  Runtime smm module loader
  ☆34Updated 2 years ago
• Rantanen / ghidra-minidump-loader
  Windows Minidump loader for Ghidra
  ☆29Updated 2 years ago
• therealdreg / ida_bochs_windows
  Helper script for Windows kernel debugging with IDA Pro on native Bochs debugger (including PDB symbols)
  ☆62Updated last year
• hugsy / bochscpu-python
  Python bindings for BochsCPU
  ☆36Updated last month
• ergot86 / hyperv_stuff
  Hyper-V related resources
  ☆31Updated last year
• shareef12 / driveranalyzer
  Binary Ninja plugin to perform automated analysis of Windows drivers
  ☆17Updated 5 years ago
• pd0wm / binaryninja-pcode
  This plugin serves as a bridge between Binary Ninja and Ghidra's disassembler.
  ☆33Updated 3 years ago
• Air14 / SourceSync
  Set of plugins and library for dynamic pdb generation and synchronisation
  ☆38Updated last year