Alternatives and similar repositories for NativeImageAnalyzer

Users that are interested in NativeImageAnalyzer are comparing it to the libraries listed below

• orca-eaa5a / mploader
  Portable & Custmizable Windows Defender
  ☆12Updated 3 years ago
• keowu / InstrumentationCallbackToolKit
  A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using Instrumentation…
  ☆32Updated 2 years ago
• baiyies / CrossInject
  32 bit process inject shellcode to 32 bit process and 64 bit process
  ☆34Updated 2 years ago
• jsacco / PPL_Bypass
  ☆11Updated 3 years ago
• joaovarelas / java-remote-class-loader
  ☆31Updated 3 years ago
• m417z / thread-call-stack-scanner
  Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…
  ☆78Updated 4 months ago
• MahmoudZohdy / DLL-Obfuscation-V2
  Load Encrypted Dll Using LoadLibraryA, Keep The Dll Encrypted on disc all the time and decrypt it only in memory.
  ☆23Updated 4 years ago
• je5442804 / CreateProcessInternalW-Full
  Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post
  ☆73Updated last year
• 3dnow / NtCreateLowBoxToken
  A fully compatible replacement of Windows NT NtCreateLowBoxToken syscall - precisely restored from reverse engineering
  ☆41Updated 4 months ago
• bytewreck / hook-buster
  Proof-of-Concept software for detecting AV/EDR hooks in Windows libraries.
  ☆31Updated 3 years ago
• m3rcer / IRvana
  Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution
  ☆119Updated 2 months ago
• 0xlane / com-process-inject
  Process Injection via Component Object Model (COM) IRundown::DoCallback().
  ☆61Updated 2 years ago
• rbmm / NtDetours
  Detours implementation (x64/x86) which used only ntdll import
  ☆89Updated last week
• zodiacon / Minimal
  ☆16Updated 2 years ago
• m417z / minhook-detours
  A hooking library with a MinHook-like API and a Detours-like implementation, with support for the x86, x64, and ARM64 platforms
  ☆30Updated 2 months ago
• backengineering / msrexec
  Elevate arbitrary MSR writes to kernel execution.
  ☆38Updated 2 years ago
• not-matthias / vmprotect-rs
  Rust bindings for VMProtect.
  ☆26Updated last year
• roadwy / SIGNATURE_TYPE_LUASTANDALONE
  Extracted lua script from Defender mpavbase.vdm and mpasbase.vdm
  ☆16Updated last year
• alfarom256 / HPHardwareDiagnostics-PoC
  PoC exploit for HP Hardware Diagnostic's EtdSupp driver
  ☆50Updated 2 years ago
• backengineering / pdbgen2
  Generate a PDB file given the old PDB file and an address mapping
  ☆49Updated 2 months ago
• PaulNorman01 / Dynamizer
  Reduce Dynamic Analysis Detection Rates With Built-In Unhooker, Anti Analysis Techniques, And String Obfuscator Modules.
  ☆21Updated 2 years ago
• magnusstubman / dll-exports
  Collection of DLL function export forwards for DLL export function proxying
  ☆105Updated 2 months ago
• ryan-weil / Code-Cave
  Injects position-dependent code into a code cave in an executable file, and applies relocations.
  ☆23Updated 2 years ago
• mez-0 / YaraEngine
  A C++ Yara Rule Runner
  ☆12Updated 3 years ago
• killvxk / awesome-obfuscations
  ☆51Updated 3 months ago
• MahmoudZohdy / IAT-Obfuscation
  IAT-Obfuscation to make static analysis of executable harder.
  ☆43Updated 4 years ago
• MrRoy09 / VMwhere
  LLVM based obfuscation engine
  ☆100Updated 4 months ago
• rad9800 / VehApiResolve
  ☆114Updated 3 years ago
• jackullrich / memfuck
  A PoC designed to bypass all usermode hooks in a WoW64 environment.
  ☆150Updated 5 years ago
• the-deniss / Vulnerability-Disclosures
  Vulnerability analysis and proof of concepts
  ☆37Updated 2 years ago