Usermode NT Explorer - Query kernel addresses, translate virtual to physical addresses, inspect the PFN database, and more.
☆77Mar 16, 2026Updated 3 weeks ago
Alternatives and similar repositories for NTMemory
Users that are interested in NTMemory are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- POC Windows kernel driver that spoofs threads for NMI callbacks on x86-64.☆24Mar 30, 2025Updated last year
- A demonstration of hooking into the VMProtect-2 virtual machine☆24Nov 9, 2023Updated 2 years ago
- x86-64 Automated test data generator☆26Aug 18, 2025Updated 7 months ago
- Crystal Palace library for proxying Nt API calls via the Threadpool☆100Oct 18, 2025Updated 5 months ago
- public index of IDA Pro plugins☆27Updated this week
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- ☆15May 2, 2024Updated last year
- A simple DLL that can intercept HID messages and pass them on to the real HID DLL, while logging the data.☆23Oct 3, 2014Updated 11 years ago
- Bypass user-land hooks by syscall tampering via the Trap Flag☆139Aug 25, 2025Updated 7 months ago
- Find out how to bypass HVCI (or not). My own research on Microsoft Warbird (specifically in clipsp.sys)☆95Oct 26, 2025Updated 5 months ago
- Very easy to use pdb parsing library with only one header file,You can use it even if you are a fool.☆11Feb 12, 2026Updated last month
- A C++ REPL for IDA Pro / IDA C++ SDK☆89Mar 26, 2026Updated 2 weeks ago
- A Windows kernel driver viewer and manager built in Rust — real-time enumeration, signature verification, SCM operations, and multi-for…☆130Mar 16, 2026Updated 3 weeks ago
- Modern security products (CrowdStrike, Bitdefender, SentinelOne, etc.) hook the nLoadImage function inside clr.dll to intercept and scan …☆209Dec 8, 2025Updated 4 months ago
- A scanner for the FortiNet vulnerability CVE-2025-64446☆30Nov 18, 2025Updated 4 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- ☆73Jan 1, 2026Updated 3 months ago
- micro lua☆21Sep 25, 2024Updated last year
- Bof of RegPwn by MDSec☆115Mar 15, 2026Updated 3 weeks ago
- An utility to download PDB files associated with a Portable Executable (PE).☆15Feb 18, 2025Updated last year
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆32Sep 24, 2025Updated 6 months ago
- A tool to easily perform GitHub Device Code Phishing on red team engagements☆92Feb 9, 2026Updated 2 months ago
- Using Windows' own bootloader as a shim to bypass Secure Boot☆232Jul 17, 2024Updated last year
- A python tool to generate an Excel file linking the list of cracked accounts and their LDAP attributes.☆12Jan 31, 2025Updated last year
- Deobfuscation and Analysis of Ring-1.io☆84Feb 7, 2026Updated 2 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Abusing DDMA alongside Copy On Write for Cross Process Code Execution for a 3000$ Bug Bounty☆96Feb 1, 2026Updated 2 months ago
- cr3 shuffle driver☆81Mar 24, 2024Updated 2 years ago
- Locate dlls and function addresses without PEB Walk and EAT parsing☆105Nov 7, 2025Updated 5 months ago
- A small WinRM client designed for interacting with JEA endpoints.☆13Aug 29, 2024Updated last year
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆78Aug 25, 2025Updated 7 months ago
- Optimized software implementation in C of the RC4 encryption algorithm.☆15Mar 4, 2013Updated 13 years ago
- Hooking Windows' exception dispatcher to protect process's PML4☆238Jan 24, 2025Updated last year
- A Proof-of-Concept using Cache Smuggling + Exif data to passively download a second stage payload☆51Oct 28, 2025Updated 5 months ago
- The sequel to Voyager☆102Aug 21, 2024Updated last year
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumpi…☆72Sep 27, 2025Updated 6 months ago
- Self-Loading Registration Free COM Functions☆11Nov 12, 2019Updated 6 years ago
- open source port/reimplementation of the Cobalt Strike BOF Loader as is☆71Mar 8, 2026Updated last month
- CyberShield 2025 Intro to EDR Evasion Class☆16Jun 3, 2025Updated 10 months ago
- Network Fuzzing Framework☆64Jan 17, 2026Updated 2 months ago
- ☆15Mar 28, 2015Updated 11 years ago
- ApplyCalleeType IDA Plugin 🤙 — Reborn. Single-file port to IDA Pro 9.3 with right-click menu, live prototype editor, and full SAL/MSDN p…☆59Mar 9, 2026Updated last month