Alternatives and similar repositories for PoolViewer:

Users that are interested in PoolViewer are comparing it to the libraries listed below

• 0vercl0k / kdmp-parser
  A Windows kernel dump C++ parser library with Python 3 bindings.
  ☆195Updated 6 months ago
• 0xcpu / WinAltSyscallHandler
  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
  ☆212Updated 5 years ago
• hugsy / windbg_js_scripts
  Toy scripts for playing with WinDbg JS API
  ☆221Updated 6 months ago
• ionescu007 / clfs-docs
  Unofficial Common Log File System (CLFS) Documentation
  ☆167Updated 3 years ago
• commial / ttd-bindings
  Bindings for Microsoft WinDBG TTD
  ☆217Updated last year
• repnz / apc-research
  APC Internals Research Code
  ☆161Updated 4 years ago
• raminfp / basic-windows-kernel-programming
  Basic Windows Kernel Programming
  ☆124Updated 4 years ago
• VoidSec / ioctlpus
  IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).
  ☆86Updated 3 years ago
• waleedassar / RestrictedKernelLeaks
  ☆158Updated 3 years ago
• 0xcpu / ExecutiveCallbackObjects
  Research on Windows Kernel Executive Callback Objects
  ☆282Updated 4 years ago
• tandasat / hvext
  The Windbg extension that implements commands helpful to study Hyper-V on Intel processors.
  ☆134Updated last week
• Signal-Labs / IOCTLDump
  ☆139Updated last year
• wbenny / EtwConsumerNT
  Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
  ☆139Updated 5 years ago
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆129Updated last year
• Sentinel-One / peafl64
  Static Binary Instrumentation tool for Windows x64 executables
  ☆193Updated 2 months ago
• jthuraisamy / ioctlpus
  ☆107Updated 4 years ago
• gerhart01 / LiveCloudKd
  Hyper-V Research is trendy now
  ☆156Updated last week
• synacktiv / Windows-kernel-SegmentHeap-Aligned-Chunk-Confusion
  PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap
  ☆200Updated 4 years ago
• hugsy / CFB
  Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.
  ☆312Updated 9 months ago
• 0vercl0k / symbolizer
  A fast execution trace symbolizer for Windows.
  ☆130Updated 8 months ago
• msuiche / LiveCloudKd
  Hyper-V Research is trendy now
  ☆176Updated 8 months ago
• 0vercl0k / sic
  Enumerate user mode shared memory mappings on Windows.
  ☆117Updated 3 years ago
• DownWithUp / CallMon
  CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers
  ☆129Updated 4 years ago
• markhc / windbg_to_c
  Translates WinDbg "dt" structure dump to a C structure
  ☆127Updated 8 years ago
• p0dalirius / pyPDBdownload
  A Python script to download PDB files associated with a Portable Executable (PE)
  ☆117Updated 6 months ago
• kkent030315 / NtSymbol
  Resolve DOS MZ executable symbols at runtime
  ☆93Updated 3 years ago
• ntdiff / ntdiff
  ☆123Updated 3 months ago
• yardenshafir / IoRingReadWritePrimitive
  Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2
  ☆224Updated 2 years ago