Alternatives and similar repositories for woftool

Users that are interested in woftool are comparing it to the libraries listed below

• arizvisa / ndk
  A local copy of Alex Ionescu's seemingly abandoned native-nt-toolkit project containing knowledge inherited from the ReactOS project.
  ☆54Updated 5 years ago
• thinkcz / pico-toolbox
  PICO processes toolbox, playground for PICO processes research
  ☆72Updated 7 years ago
• AndreyBazhan / SymStore
  The history of Windows Internals via symbols.
  ☆178Updated 3 years ago
• yardenshafir / IoRing_Demos
  A repository for I/O ring demos, use cases and performance testing on Windows
  ☆45Updated 2 years ago
• neosmart / msvcrt.lib
  msvcrt.lib for linking against msvcrt.dll on all versions of Windows
  ☆82Updated 4 years ago
• zodiacon / RunAppContainer
  Run executables in an AppContainer
  ☆122Updated 6 years ago
• athre0z / disas-bench
  X86 disassembler benchmark
  ☆60Updated 11 months ago
• inbilla / pySymProxy
  An implementation of a Microsoft Symbol Proxy server using Python
  ☆38Updated 4 years ago
• zodiacon / PoolMonX
  A GUI version of the classic PoolMon tool
  ☆113Updated 7 years ago
• Biswa96 / WslReverse
  Experiments with hidden COM interface and LxBus IPC mechanism in WSL
  ☆86Updated 2 years ago
• m417z / global-inject-demo
  A global injection and hooking example
  ☆141Updated last year
• Wack0 / DeltaDownloader
  Given delta compressed PE files, find download links for them on the Microsoft Symbol Server. No source PE file or VirusTotal access requ…
  ☆30Updated last year
• ntdiff / ntdiff
  ☆126Updated 8 months ago
• ionescu007 / r0ak
  ☆32Updated 6 years ago
• dishather / richprint
  Print compiler information stored in Rich Header of PE executables.
  ☆137Updated this week
• zodiacon / JobExplorer
  Explore Job Objects on a Windows system
  ☆83Updated 5 years ago
• 0vercl0k / sic
  Enumerate user mode shared memory mappings on Windows.
  ☆121Updated 4 years ago
• wbenny / EtwConsumerNT
  Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
  ☆143Updated 6 years ago
• Fyyre / ntdll
  ntdll.h - compatible with MSVC 6.0, Intel C++ Compiler and MinGW. Serves as a complete replacement for Windows.h
  ☆139Updated 5 years ago
• lowleveldesign / comon
  A WinDbg extension to trace COM interactions
  ☆114Updated last year
• ionescu007 / hdk
  (unofficial) Hyper-V® Development Kit
  ☆218Updated last year
• msuiche / LiveCloudKd
  Hyper-V Research is trendy now
  ☆180Updated last year
• andrew-boyarshin / LoaderWatch
  Windows 10 PE image loader (LDR) NTDLL component toolbox
  ☆49Updated 5 years ago
• 0vercl0k / pywinhv
  Python bindings for the Microsoft Hypervisor Platform APIs.
  ☆80Updated 5 years ago
• yardenshafir / cet-research
  A collection of tools, source code, and papers researching Windows' implementation of CET.
  ☆84Updated 4 years ago
• 0vercl0k / kdmp-parser
  A Windows kernel dump C++ parser library with Python 3 bindings.
  ☆199Updated 10 months ago
• diversenok / TransactionMaster
  A tool for Windows that can make any program work within file-system transactions.
  ☆58Updated 4 years ago
• Microwave89 / createuserprocess
  Three Tiny Examples of Directly Using Vista's NtCreateUserProcess
  ☆87Updated 9 years ago
• vovkos / protolesshooks
  API monitoring via return-hijacking thunks; works without information about target function prototypes.
  ☆117Updated 5 years ago
• yardenshafir / SymlinkCallback
  A driver that hooks C: volume using symbolic link callback to track all FS access to the volume
  ☆108Updated 5 years ago