Alternatives and similar repositories for TotalPE2:

Users that are interested in TotalPE2 are comparing it to the libraries listed below

• zodiacon / ObjectExplorer
  Explore Kernel Objects on Windows
  ☆201Updated last year
• Fyyre / DrvMon
  Advanced driver monitoring utility.
  ☆202Updated 2 years ago
• zodiacon / TotalPE
  Yet another PE Viewer
  ☆137Updated 2 years ago
• mrexodia / phnt-single-header
  Single header version of System Informer's phnt library.
  ☆192Updated this week
• notscimmy / pplib
  Elevate a process to be a protected process
  ☆144Updated 5 years ago
• HoShiMin / formatPE
  A bunch of parsers for PE and PDB formats in C++
  ☆230Updated 8 months ago
• DownWithUp / ALPC-Example
  An example of a client and server using Windows' ALPC functions to send and receive data.
  ☆90Updated last week
• VollRagm / PTView
  Browse Page Tables on Windows (Page Table Viewer)
  ☆194Updated 2 years ago
• diversenok / Suspending-Techniques
  Comparing, discussing, and bypassing various techniques for suspending and freezing processes on Windows.
  ☆117Updated 3 years ago
• kkent030315 / NoPatchGuardCallback
  x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code
  ☆200Updated 3 years ago
• kkent030315 / anycall
  x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration
  ☆260Updated 2 years ago
• Ido-Moshe-Github / CiDllDemo
  Use ci.dll API for validating Authenticode signature of files
  ☆137Updated 2 years ago
• thesecretclub / SandboxBootkit
  Bootkit for Windows Sandbox to disable DSE/PatchGuard.
  ☆268Updated 3 months ago
• MiroKaku / Musa.Veil
  Collection of undocumented Windows API declarations.
  ☆300Updated 2 weeks ago
• zodiacon / WinSpy
  Enhanced version of the classic Spy++ tool
  ☆180Updated 10 months ago
• MiroKaku / libwsk
  The Kernel-Mode Winsock library, supporting TCP, UDP and Unix sockets (DGRAM and STREAM).
  ☆241Updated this week
• m417z / global-inject-demo
  A global injection and hooking example
  ☆135Updated last year
• repnz / apc-research
  APC Internals Research Code
  ☆161Updated 4 years ago
• polycone / pe-loader
  A Windows PE format file loader
  ☆139Updated 6 years ago
• m417z / ntdoc
  Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers
  ☆202Updated this week
• Fyyre / ntdll
  ntdll.h - compatible with MSVC 6.0, Intel C++ Compiler and MinGW. Serves as a complete replacement for Windows.h
  ☆132Updated 5 years ago
• paskalian / WID_LoadLibrary
  Reverse engineering winapi function loadlibrary.
  ☆80Updated last year
• mrexodia / AppInitHook
  Global user-mode hooking framework, based on AppInit_DLLs. The goal is to allow you to rapidly develop hooks to inject in an arbitrary pr…
  ☆167Updated 2 years ago
• hfiref0x / WubbabooMark
  Debugger Anti-Detection Benchmark
  ☆303Updated last year
• wbenny / EtwConsumerNT
  Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
  ☆139Updated 5 years ago
• pathtofile / PPLRunner
  Run Processes as PPL with ELAM
  ☆153Updated 2 years ago
• zodiacon / windowskernelprogrammingbook2e
  Samples for the book Windows Kernel Programming, 2nd edition
  ☆317Updated last month
• SinaKarvandi / Process-Magics
  This is a collection of interesting codes about Windows Process creation.
  ☆233Updated last year
• hfiref0x / AuthHashCalc
  Authenticode Hash Calculator for PE32/PE32+ files
  ☆108Updated 11 months ago
• adrianyy / KeInject
  Kernel LdrLoadDll injector
  ☆259Updated 6 years ago