Alternatives and similar repositories for RegMon

Users that are interested in RegMon are comparing it to the libraries listed below

• zodiacon / ndcoslo2019
  NDC Oslo 2019 slides and demos
  ☆32Updated 4 years ago
• avalon1610 / ALPC
  Advance LPC
  ☆69Updated 8 years ago
• zodiacon / KernelObjectView
  View handles and object for each object type
  ☆64Updated 5 years ago
• OSRDrivers / windbg-exts
  Various WinDbg extensions and scripts
  ☆31Updated 6 years ago
• yardenshafir / KernelDataStructureFinder
  Driver and WinDBG scripts to dump information about all resources and lookaside lists
  ☆68Updated 5 years ago
• gerronjo / openlibs
  Open Source Libraries Collection
  ☆24Updated 9 years ago
• arizvisa / ndk
  A local copy of Alex Ionescu's seemingly abandoned native-nt-toolkit project containing knowledge inherited from the ReactOS project.
  ☆54Updated 5 years ago
• zer0mem / ShowMeYourGongFu
  OpenSrc projects; common multiprojects headers store to ./Common/*category*/
  ☆49Updated 11 years ago
• MartinDrab / VrtuleTree
  VrtuleTree is a tool that displays information about driver and device objects present in the system and relations between them. Its func…
  ☆59Updated 4 years ago
• packetzero / etwrealtime
  Example of real-time Windows ETW packet capture session
  ☆53Updated 7 years ago
• zodiacon / JobExplorer
  Explore Job Objects on a Windows system
  ☆83Updated 5 years ago
• mtth-bfft / lsobj
  Lists all visible objects in the Windows kernel object namespace, a command-line WinObj
  ☆14Updated 7 years ago
• AaLl86 / retroware
  This repository contains some tools that I have written in the past
  ☆28Updated last year
• zodiacon / WinSys
  C++ library for low-level Windows development
  ☆74Updated last year
• AndreyBazhan / DbgExt
  Debugger extension for the Debugging Tools for Windows (WinDbg, KD, CDB, NTSD).
  ☆69Updated 8 years ago
• georgenicolaou / HeavenInjector
  Simple proof of concept code for injecting libraries on 64bit processes from a 32bit process
  ☆96Updated 6 years ago
• yardenshafir / CallbackObjectAnalyzer
  Dumps information about all the callback objects found in a dump file and the functions registered for them
  ☆36Updated 4 years ago
• BreakingMalwareResearch / CFGExceptions
  Adding exceptions to Microsoft's Control Flow Guard (CFG)
  ☆58Updated 9 years ago
• repnz / simple-os
  Simple Protected Mode Kernel for i386
  ☆15Updated 5 years ago
• tandasat / DebugLogger
  A software driver that lets you log kernel-mode debug output into a file on Windows.
  ☆107Updated 6 years ago
• yardenshafir / InformationClasses
  Documenting system information classes and their uses
  ☆51Updated 3 years ago
• zodiacon / ObjectBrowser
  An alternative tool to Sysinternals WinObj tool (nicer icons!)
  ☆36Updated 6 years ago
• MeeSong / Windows_OS_Internals_Curriculum_Resource_Kit-ACADEMIC
  Windows_OS_Internals_Curriculum_Resource_Kit-ACADEMIC
  ☆24Updated 6 years ago
• zodiacon / ObjDir
  Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory.
  ☆20Updated last year
• zodiacon / ALPCLogger
  Log ALPC activity
  ☆84Updated last year
• SanseoLab / ProcLogger
  Windows Simple Process Logger implemented as driver
  ☆18Updated 7 years ago
• Fyyre / directntapi
  DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10
  ☆53Updated last year
• zodiacon / Blog
  Blog posts
  ☆30Updated 4 years ago
• AntiRootkit / BDArkit
  just an lite AntiRootkit for interesting
  ☆23Updated 9 years ago
• OSRDrivers / Inverted
  Example WDF/KMDF driver and test app demonstrating the "inverted call model"
  ☆36Updated 5 years ago