Alternatives and similar repositories for lznt1

Users that are interested in lznt1 are comparing it to the libraries listed below

• hasherezade / funky_malware_formats
  Parsers for custom malware formats ("Funky malware formats")
  ☆96Updated 3 years ago
• hfiref0x / MpEnum
  Enumerate Windows Defender threat families and dump their names according category
  ☆90Updated 6 years ago
• ohjeongwook / ShellCodeEmulator
  Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment
  ☆123Updated 4 years ago
• mandiant / flare-kscldr
  FLARE Kernel Shellcode Loader
  ☆178Updated 6 years ago
• Dump-GUY / ghidra_scripts
  ☆71Updated last year
• adamkramer / jmp2it
  Transfer EIP control to shellcode during malware analysis investigation
  ☆75Updated 10 years ago
• KasperskyLab / VBscriptInternals
  Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis
  ☆85Updated 3 years ago
• goretk / pygore
  pyGoRE - Python library for analyzing Go binaries
  ☆64Updated 3 years ago
• RichHeaderResearch / RichPE
  Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks
  ☆65Updated 3 years ago
• Wenzel / osw-fs-windows
  A git history of Windows filesystems
  ☆76Updated 4 years ago
• fox-it / mkYARA
  Generating YARA rules based on binary code
  ☆210Updated 3 years ago
• ctxis / capemon
  CAPE monitor DLLs
  ☆41Updated 5 years ago
• hasherezade / flareon2019
  Flare-On solutions
  ☆36Updated 5 years ago
• Truneski / WindowsKernelProgramming-Exercises
  ☆49Updated 5 years ago
• mandiant / win10_rekall
  Rekall Memory Forensic Framework
  ☆32Updated 5 years ago
• hasherezade / tag_converter
  ☆22Updated 4 years ago
• danielplohmann / empty_msvc
  A collection of empty MSVC projects, compiled using various versions and configurations of Visual Studio.
  ☆32Updated 11 months ago
• djhohnstein / ProcessReimaging
  Process reimaging proof of concept code
  ☆96Updated 5 years ago
• fboldewin / COM-Code-Helper
  Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code
  ☆183Updated 4 years ago
• OsandaMalith / ApiMon
  A simple API monitor for Windbg
  ☆63Updated 8 years ago
• edeca / rtfraptor
  Extract OLEv1 objects from RTF files by instrumenting Word
  ☆51Updated 5 years ago
• Neo23x0 / DLLRunner
  Smart DLL execution for malware analysis in sandbox systems
  ☆144Updated 10 years ago
• Fare9 / ANBU
  ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.
  ☆91Updated 6 years ago
• 86hh / DreamLoader
  Simple 32/64-bit PEs loader.
  ☆138Updated 6 years ago
• NtRaiseHardError / Sysmon
  Sysmon shenanigans
  ☆65Updated 4 years ago
• williballenthin / python-sdb
  Pure Python parser for Application Compatibility Shim Databases (.sdb files)
  ☆108Updated 4 years ago
• tyranid / DumpReparsePoints
  This is a simple tool to dump all the reparse points on an NTFS volume.
  ☆33Updated 4 years ago
• DownWithUp / CallMon
  CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers
  ☆143Updated 4 years ago
• HexHive / malWASH
  ☆115Updated 8 years ago
• angelkillah / zer0m0n
  zer0m0n driver for cuckoo sandbox
  ☆87Updated 8 years ago