Alternatives and similar repositories for cet-research

Users that are interested in cet-research are comparing it to the libraries listed below

• Signal-Labs / IOCTLDump
  ☆143Updated last year
• therealdreg / cgaty
  Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)
  ☆72Updated last year
• kkent030315 / NtSymbol
  Resolve DOS MZ executable symbols at runtime
  ☆95Updated 3 years ago
• sgabe / SymlinkProtect
  File system minifilter driver for Windows to block symbolic link attacks.
  ☆51Updated 4 years ago
• SinaKarvandi / windbg2ida
  Windbg2ida lets you dump each step in Windbg then shows these steps in IDA
  ☆75Updated 10 months ago
• VoidSec / ioctlpus
  IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).
  ☆88Updated 3 years ago
• IOActive / kmdf_re
  Helper idapython code for reversing kmdf drivers
  ☆72Updated 2 years ago
• therealdreg / ida_vmware_windows_gdb
  Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)
  ☆65Updated last year
• idiom / stackstack
  ☆31Updated 3 years ago
• repnz / windows-imports-searcher
  Support Windows OS Reversing by searching easily for references to functions across many DLLs
  ☆34Updated 3 years ago
• yardenshafir / KernelDataStructureFinder
  Driver and WinDBG scripts to dump information about all resources and lookaside lists
  ☆67Updated 5 years ago
• ivellioscolin / pykd
  A pykd maintenance fork
  ☆48Updated 3 months ago
• yardenshafir / InformationClasses
  Documenting system information classes and their uses
  ☆51Updated 3 years ago
• 0vercl0k / sic
  Enumerate user mode shared memory mappings on Windows.
  ☆121Updated 4 years ago
• redplait / armpatched
  clone of armadillo patched for windows
  ☆47Updated 7 months ago
• hasherezade / pin_n_sieve
  An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
  ☆60Updated 9 months ago
• 0xcpu / WinAltSyscallHandler
  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
  ☆219Updated 5 years ago
• hfiref0x / Misc
  Miscellaneous Code and Docs
  ☆81Updated last year
• Microwave89 / createuserprocess
  Three Tiny Examples of Directly Using Vista's NtCreateUserProcess
  ☆87Updated 9 years ago
• therealdreg / windbgtocstruct
  Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…
  ☆26Updated last year
• tandasat / hvext
  The Windbg extensions to study Hyper-V on Intel and AMD processors.
  ☆153Updated 2 months ago
• gerhart01 / Hyper-V-Tools
  Different tools for Microsoft Hyper-V researching
  ☆57Updated 11 months ago
• bluefrostsecurity / Meltdown-KVA-Shadow-Leak
  ☆45Updated 4 years ago
• omerk2511 / NotifyRoutinesResearch
  A research project about Windows notify routines.
  ☆35Updated 4 years ago
• yardenshafir / PoolViewer
  An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.
  ☆138Updated 2 years ago
• wbenny / EtwConsumerNT
  Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
  ☆143Updated 6 years ago
• ioncodes / kdbg-driver-vagrant
  ☆43Updated 3 years ago
• ionescu007 / hazmat5
  Local OXID Resolver (LCLOR) : Research and Tooling
  ☆35Updated 4 years ago
• t3ssellate / unmapper
  An automatic tool for fixing dumped PE files
  ☆41Updated 4 years ago
• mathisvickie / CVE-2021-21551
  arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system
  ☆57Updated 3 years ago