Alternatives and similar repositories for NativeImageAnalyzer

Users that are interested in NativeImageAnalyzer are comparing it to the libraries listed below

• MahmoudZohdy / DLL-Obfuscation-V2
  Load Encrypted Dll Using LoadLibraryA, Keep The Dll Encrypted on disc all the time and decrypt it only in memory.
  ☆23Updated 4 years ago
• killvxk / awesome-obfuscations
  ☆62Updated 4 months ago
• joaovarelas / java-remote-class-loader
  ☆32Updated 3 years ago
• MahmoudZohdy / IAT-Obfuscation
  IAT-Obfuscation to make static analysis of executable harder.
  ☆44Updated 4 years ago
• orca-eaa5a / mploader
  Portable & Custmizable Windows Defender
  ☆12Updated 4 years ago
• sodareverse / cppdumper
  C++ Program used to dump Themida and VMProtect.
  ☆31Updated last year
• jsacco / PPL_Bypass
  ☆12Updated 3 years ago
• backengineering / msrexec
  Elevate arbitrary MSR writes to kernel execution.
  ☆41Updated 2 years ago
• baiyies / CrossInject
  32 bit process inject shellcode to 32 bit process and 64 bit process
  ☆35Updated 2 years ago
• bytewreck / hook-buster
  Proof-of-Concept software for detecting AV/EDR hooks in Windows libraries.
  ☆33Updated 3 years ago
• M0n7y5 / Shellby
  Small handy tool for crafting shellcodes by hand.
  ☆18Updated 3 years ago
• m417z / minhook-detours
  A hooking library with a MinHook-like API and a Detours-like implementation, with support for the x86, x64, and ARM64 platforms
  ☆29Updated this week
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆51Updated last month
• keowu / InstrumentationCallbackToolKit
  A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using Instrumentation…
  ☆35Updated 2 years ago
• therealdreg / ida_bochs_windows
  Helper script for Windows kernel debugging with IDA Pro on native Bochs debugger (including PDB symbols)
  ☆61Updated 2 years ago
• jeperez / WinREPL
  x86 and x64 assembly "read-eval-print loop" for Windows
  ☆33Updated 8 years ago
• cyberark / ByteCodeLLM
  ☆56Updated 11 months ago
• NewWorldComingSoon / UnknownField
  UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.
  ☆44Updated 2 years ago
• je5442804 / CreateProcessInternalW-Full
  Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post
  ☆73Updated last year
• gognl / VMBR
  A VMBR (Virtual-Machine Based Rootkit) which runs a guest OS and sends the attacker its data
  ☆28Updated last year
• ek0 / hxemu
  Triton based symbolic emulator
  ☆16Updated 3 years ago
• Flawww / ObfuscatedJumpGenerator
  Dynamically generated obfuscated jumps and/or function calls
  ☆38Updated 2 years ago
• aphage / wow64-gate-hook
  Wow64 Heaven's Gate Hook
  ☆29Updated 4 years ago
• PaulNorman01 / Dynamizer
  Reduce Dynamic Analysis Detection Rates With Built-In Unhooker, Anti Analysis Techniques, And String Obfuscator Modules.
  ☆21Updated 2 years ago
• archercreat / srvhide
  Simple tool to dump/hide services in services.exe process.
  ☆14Updated 3 years ago
• MrRoy09 / VMwhere
  LLVM based obfuscation engine
  ☆108Updated 5 months ago
• D0pam1ne705 / Direct-NtCreateUserProcess
  Call NtCreateUserProcess directly as normal.
  ☆75Updated 3 years ago
• ColinFinck / nt-load-order
  A Rust library along with a Win32 GUI application to determine the driver load order of a Windows system (cf. https://colinfinck.de/posts…
  ☆11Updated 10 months ago
• Jasper1467 / WindowsDefender_Rebuild
  An attempt at reversing WindowsDefender
  ☆20Updated last year
• 0xlane / com-process-inject
  Process Injection via Component Object Model (COM) IRundown::DoCallback().
  ☆63Updated 2 years ago