Usermode NT Explorer - Query kernel addresses, translate virtual to physical addresses, inspect the PFN database, and more.
☆86Mar 16, 2026Updated 2 months ago
Alternatives and similar repositories for NTMemory
Users that are interested in NTMemory are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- POC Windows kernel driver that spoofs threads for NMI callbacks on x86-64.☆27Mar 30, 2025Updated last year
- A demonstration of hooking into the VMProtect-2 virtual machine☆24Nov 9, 2023Updated 2 years ago
- x86-64 Automated test data generator☆25Aug 18, 2025Updated 9 months ago
- Crystal Palace library for proxying Nt API calls via the Threadpool☆104Oct 18, 2025Updated 7 months ago
- public index of IDA Pro plugins☆34Updated this week
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆15May 2, 2024Updated 2 years ago
- A simple DLL that can intercept HID messages and pass them on to the real HID DLL, while logging the data.☆23Oct 3, 2014Updated 11 years ago
- Find out how to bypass HVCI (or not). My own research on Microsoft Warbird (specifically in clipsp.sys)☆95Oct 26, 2025Updated 6 months ago
- Bypass user-land hooks by syscall tampering via the Trap Flag☆139Aug 25, 2025Updated 8 months ago
- A C++ REPL for IDA Pro / IDA C++ SDK☆93Mar 26, 2026Updated last month
- Very easy to use pdb parsing library with only one header file,You can use it even if you are a fool.☆12Feb 12, 2026Updated 3 months ago
- Modern security products (CrowdStrike, Bitdefender, SentinelOne, etc.) hook the nLoadImage function inside clr.dll to intercept and scan …☆213Dec 8, 2025Updated 5 months ago
- A Windows kernel driver viewer and manager built in Rust — real-time enumeration, signature verification, SCM operations, and multi-for…☆134Mar 16, 2026Updated 2 months ago
- A scanner for the FortiNet vulnerability CVE-2025-64446☆31Nov 18, 2025Updated 6 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Full source code for RijiN/codebase_main☆72May 3, 2026Updated 2 weeks ago
- Bof of RegPwn by MDSec☆121Mar 15, 2026Updated 2 months ago
- micro lua☆22Apr 7, 2026Updated last month
- An utility to download PDB files associated with a Portable Executable (PE).☆16Feb 18, 2025Updated last year
- ExportHider: Generating Export Table during Runtime to Hide the Exported Functions from the DLL File.☆33Apr 12, 2026Updated last month
- ☆82Jan 1, 2026Updated 4 months ago
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆33Sep 24, 2025Updated 7 months ago
- Deobfuscation and Analysis of Ring-1.io☆94Feb 7, 2026Updated 3 months ago
- A python tool to generate an Excel file linking the list of cracked accounts and their LDAP attributes.☆12Jan 31, 2025Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Using Windows' own bootloader as a shim to bypass Secure Boot☆240Jul 17, 2024Updated last year
- A tool to easily perform GitHub Device Code Phishing on red team engagements☆92Feb 9, 2026Updated 3 months ago
- Locate dlls and function addresses without PEB Walk and EAT parsing☆105Nov 7, 2025Updated 6 months ago
- Optimized software implementation in C of the RC4 encryption algorithm.☆15Mar 4, 2013Updated 13 years ago
- A small WinRM client designed for interacting with JEA endpoints.☆18Aug 29, 2024Updated last year
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 8 months ago
- Hooking Windows' exception dispatcher to protect process's PML4☆246Jan 24, 2025Updated last year
- Abusing DDMA alongside Copy On Write for Cross Process Code Execution for a 3000$ Bug Bounty☆99Feb 1, 2026Updated 3 months ago
- A Proof-of-Concept using Cache Smuggling + Exif data to passively download a second stage payload☆50Oct 28, 2025Updated 6 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Self-Loading Registration Free COM Functions☆11Nov 12, 2019Updated 6 years ago
- This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumpi…☆75Apr 23, 2026Updated 3 weeks ago
- CyberShield 2025 Intro to EDR Evasion Class☆18Jun 3, 2025Updated 11 months ago
- cr3 shuffle driver☆86Mar 24, 2024Updated 2 years ago
- The sequel to Voyager☆105Aug 21, 2024Updated last year
- ☆15Mar 28, 2015Updated 11 years ago
- Simple mmapper which using UEFI runtime driver.☆83Aug 31, 2019Updated 6 years ago