Usermode NT Explorer - Query kernel addresses, translate virtual to physical addresses, inspect the PFN database, and more.
☆80Mar 16, 2026Updated last month
Alternatives and similar repositories for NTMemory
Users that are interested in NTMemory are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- POC Windows kernel driver that spoofs threads for NMI callbacks on x86-64.☆27Mar 30, 2025Updated last year
- A demonstration of hooking into the VMProtect-2 virtual machine☆24Nov 9, 2023Updated 2 years ago
- x86-64 Automated test data generator☆26Aug 18, 2025Updated 8 months ago
- Crystal Palace library for proxying Nt API calls via the Threadpool☆103Oct 18, 2025Updated 6 months ago
- public index of IDA Pro plugins☆32Updated this week
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆15May 2, 2024Updated last year
- A simple DLL that can intercept HID messages and pass them on to the real HID DLL, while logging the data.☆23Oct 3, 2014Updated 11 years ago
- Bypass user-land hooks by syscall tampering via the Trap Flag☆139Aug 25, 2025Updated 8 months ago
- Find out how to bypass HVCI (or not). My own research on Microsoft Warbird (specifically in clipsp.sys)☆94Oct 26, 2025Updated 6 months ago
- A C++ REPL for IDA Pro / IDA C++ SDK☆90Mar 26, 2026Updated last month
- Very easy to use pdb parsing library with only one header file,You can use it even if you are a fool.☆11Feb 12, 2026Updated 2 months ago
- A Windows kernel driver viewer and manager built in Rust — real-time enumeration, signature verification, SCM operations, and multi-for…☆133Mar 16, 2026Updated last month
- Modern security products (CrowdStrike, Bitdefender, SentinelOne, etc.) hook the nLoadImage function inside clr.dll to intercept and scan …☆212Dec 8, 2025Updated 4 months ago
- A scanner for the FortiNet vulnerability CVE-2025-64446☆30Nov 18, 2025Updated 5 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- micro lua☆22Apr 7, 2026Updated 3 weeks ago
- Bof of RegPwn by MDSec☆118Mar 15, 2026Updated last month
- ☆79Jan 1, 2026Updated 3 months ago
- An utility to download PDB files associated with a Portable Executable (PE).☆15Feb 18, 2025Updated last year
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆33Sep 24, 2025Updated 7 months ago
- Deobfuscation and Analysis of Ring-1.io☆87Feb 7, 2026Updated 2 months ago
- A python tool to generate an Excel file linking the list of cracked accounts and their LDAP attributes.☆12Jan 31, 2025Updated last year
- A tool to easily perform GitHub Device Code Phishing on red team engagements☆92Feb 9, 2026Updated 2 months ago
- Using Windows' own bootloader as a shim to bypass Secure Boot☆235Jul 17, 2024Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Locate dlls and function addresses without PEB Walk and EAT parsing☆104Nov 7, 2025Updated 5 months ago
- Abusing DDMA alongside Copy On Write for Cross Process Code Execution for a 3000$ Bug Bounty☆100Feb 1, 2026Updated 2 months ago
- Optimized software implementation in C of the RC4 encryption algorithm.☆15Mar 4, 2013Updated 13 years ago
- A small WinRM client designed for interacting with JEA endpoints.☆13Aug 29, 2024Updated last year
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 8 months ago
- Hooking Windows' exception dispatcher to protect process's PML4☆240Jan 24, 2025Updated last year
- Self-Loading Registration Free COM Functions☆11Nov 12, 2019Updated 6 years ago
- A Proof-of-Concept using Cache Smuggling + Exif data to passively download a second stage payload☆51Oct 28, 2025Updated 6 months ago
- This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumpi…☆74Updated this week
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- The sequel to Voyager☆101Aug 21, 2024Updated last year
- CyberShield 2025 Intro to EDR Evasion Class☆16Jun 3, 2025Updated 10 months ago
- cr3 shuffle driver☆85Mar 24, 2024Updated 2 years ago
- open source port/reimplementation of the Cobalt Strike BOF Loader as is☆72Mar 8, 2026Updated last month
- Network Fuzzing Framework☆64Jan 17, 2026Updated 3 months ago
- ☆15Mar 28, 2015Updated 11 years ago
- Simple mmapper which using UEFI runtime driver.☆83Aug 31, 2019Updated 6 years ago