Alternatives and similar repositories for woftool

Users that are interested in woftool are comparing it to the libraries listed below

• thinkcz / pico-toolbox
  PICO processes toolbox, playground for PICO processes research
  ☆73Updated 7 years ago
• AndreyBazhan / SymStore
  The history of Windows Internals via symbols.
  ☆178Updated 3 years ago
• ntdiff / ntdiff
  ☆127Updated 8 months ago
• ykfre / BsodSurvivor
  This project aims to facilitate debugging a kernel driver in windows by adding support for a code change on the fly without reboot/unload…
  ☆172Updated 2 years ago
• DownWithUp / CallMon
  CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers
  ☆143Updated 4 years ago
• zodiacon / GflagsX
  Enhanced version of the GFlags tool
  ☆84Updated 5 years ago
• zodiacon / RunAppContainer
  Run executables in an AppContainer
  ☆122Updated 6 years ago
• arizvisa / ndk
  A local copy of Alex Ionescu's seemingly abandoned native-nt-toolkit project containing knowledge inherited from the ReactOS project.
  ☆54Updated 5 years ago
• zodiacon / PoolMonX
  A GUI version of the classic PoolMon tool
  ☆113Updated 7 years ago
• Biswa96 / WslReverse
  Experiments with hidden COM interface and LxBus IPC mechanism in WSL
  ☆86Updated 2 years ago
• yardenshafir / PoolViewer
  An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.
  ☆139Updated 2 years ago
• wbenny / EtwConsumerNT
  Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
  ☆143Updated 6 years ago
• vovkos / protolesshooks
  API monitoring via return-hijacking thunks; works without information about target function prototypes.
  ☆118Updated 5 years ago
• ionescu007 / tpmtool
  The TpmTool utility is a simple cross-platform tool for accessing TPM2.0 Non-Volatile (NV) Spaces (Index Values) on compliant systems, wi…
  ☆145Updated 3 years ago
• WalkingCat / SymDiff
  Diff tool for comparing symbols in PDB files
  ☆83Updated 5 years ago
• Microwave89 / createuserprocess
  Three Tiny Examples of Directly Using Vista's NtCreateUserProcess
  ☆87Updated 9 years ago
• zodiacon / PoolMonXv2
  Kernel Pool Monitor
  ☆125Updated 3 years ago
• ionescu007 / wnfun
  WNF Utilities 4 Newbies (WNFUN)
  ☆95Updated 6 years ago
• m417z / global-inject-demo
  A global injection and hooking example
  ☆143Updated last year
• 0vercl0k / pywinhv
  Python bindings for the Microsoft Hypervisor Platform APIs.
  ☆80Updated 6 years ago
• lowleveldesign / comon
  A WinDbg extension to trace COM interactions
  ☆114Updated last year
• gerhart01 / LiveCloudKd
  Hyper-V Research is trendy now
  ☆163Updated 2 weeks ago
• dishather / richprint
  Print compiler information stored in Rich Header of PE executables.
  ☆137Updated this week
• AndreyBazhan / DbgPkg
  Scripts to prepare Windows system for debugging.
  ☆30Updated 4 years ago
• andrew-boyarshin / LoaderWatch
  Windows 10 PE image loader (LDR) NTDLL component toolbox
  ☆49Updated 5 years ago
• ionescu007 / r0ak
  ☆32Updated 6 years ago
• yardenshafir / KernelDataStructureFinder
  Driver and WinDBG scripts to dump information about all resources and lookaside lists
  ☆67Updated 5 years ago
• mrexodia / JitMagic
  Simple tool that allows you to have multiple Just-In-Time debuggers at once.
  ☆93Updated 6 months ago
• ionescu007 / hdk
  (unofficial) Hyper-V® Development Kit
  ☆218Updated last year
• jschicht / EaTools
  Analysis and manipulation of extended attribute ($EA) on NTFS
  ☆38Updated 9 years ago