Usermode NT Explorer - Query kernel addresses, translate virtual to physical addresses, inspect the PFN database, and more.
☆86Mar 16, 2026Updated 2 months ago
Alternatives and similar repositories for NTMemory
Users that are interested in NTMemory are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- POC Windows kernel driver that spoofs threads for NMI callbacks on x86-64.☆28Mar 30, 2025Updated last year
- A demonstration of hooking into the VMProtect-2 virtual machine☆26Nov 9, 2023Updated 2 years ago
- x86-64 Automated test data generator☆26Aug 18, 2025Updated 9 months ago
- Crystal Palace library for proxying Nt API calls via the Threadpool☆104Oct 18, 2025Updated 7 months ago
- public index of IDA Pro plugins☆37Updated this week
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆15May 2, 2024Updated 2 years ago
- A simple DLL that can intercept HID messages and pass them on to the real HID DLL, while logging the data.☆23Oct 3, 2014Updated 11 years ago
- Bypass user-land hooks by syscall tampering via the Trap Flag☆140Aug 25, 2025Updated 9 months ago
- Find out how to bypass HVCI (or not). My own research on Microsoft Warbird (specifically in clipsp.sys)☆96Oct 26, 2025Updated 7 months ago
- A C++ REPL for IDA Pro / IDA C++ SDK☆94Mar 26, 2026Updated 2 months ago
- Very easy to use pdb parsing library with only one header file,You can use it even if you are a fool.☆12Feb 12, 2026Updated 3 months ago
- Modern security products (CrowdStrike, Bitdefender, SentinelOne, etc.) hook the nLoadImage function inside clr.dll to intercept and scan …☆211Dec 8, 2025Updated 6 months ago
- A scanner for the FortiNet vulnerability CVE-2025-64446☆31Nov 18, 2025Updated 6 months ago
- A Windows kernel driver viewer and manager built in Rust — real-time enumeration, signature verification, SCM operations, and multi-for…☆148Mar 16, 2026Updated 2 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Full source code for RijiN/codebase_main☆82May 3, 2026Updated last month
- micro lua☆25Apr 7, 2026Updated 2 months ago
- ExportHider: Generating Export Table during Runtime to Hide the Exported Functions from the DLL File.☆33Apr 12, 2026Updated last month
- An utility to download PDB files associated with a Portable Executable (PE).☆17Feb 18, 2025Updated last year
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆33Sep 24, 2025Updated 8 months ago
- Deobfuscation and Analysis of Ring-1.io☆102Feb 7, 2026Updated 4 months ago
- A python tool to generate an Excel file linking the list of cracked accounts and their LDAP attributes.☆12Jan 31, 2025Updated last year
- Locate dlls and function addresses without PEB Walk and EAT parsing☆107Nov 7, 2025Updated 7 months ago
- Bof of RegPwn by MDSec☆123Mar 15, 2026Updated 2 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A small WinRM client designed for interacting with JEA endpoints.☆19Aug 29, 2024Updated last year
- Using Windows' own bootloader as a shim to bypass Secure Boot☆244Jul 17, 2024Updated last year
- Optimized software implementation in C of the RC4 encryption algorithm.☆15Mar 4, 2013Updated 13 years ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 9 months ago
- Hooking Windows' exception dispatcher to protect process's PML4☆255Jan 24, 2025Updated last year
- Self-Loading Registration Free COM Functions☆11Nov 12, 2019Updated 6 years ago
- This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumpi…☆78Apr 23, 2026Updated last month
- A Proof-of-Concept using Cache Smuggling + Exif data to passively download a second stage payload☆51Oct 28, 2025Updated 7 months ago
- CyberShield 2025 Intro to EDR Evasion Class☆18Jun 3, 2025Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A tool to easily perform GitHub Device Code Phishing on red team engagements☆95Feb 9, 2026Updated 4 months ago
- cr3 shuffle driver☆88Mar 24, 2024Updated 2 years ago
- The sequel to Voyager☆106Aug 21, 2024Updated last year
- ☆15Mar 28, 2015Updated 11 years ago
- Abusing DDMA alongside Copy On Write for Cross Process Code Execution for a 3000$ Bug Bounty☆101Feb 1, 2026Updated 4 months ago
- Simple mmapper which using UEFI runtime driver.☆83Aug 31, 2019Updated 6 years ago
- Pointer encryption library in rust.☆19Apr 13, 2025Updated last year