Alternatives and similar repositories for TotalPE2

Users that are interested in TotalPE2 are comparing it to the libraries listed below

• zodiacon / ObjectExplorer
  Explore Kernel Objects on Windows
  ☆216Updated last month
• zodiacon / TotalPE
  Yet another PE Viewer
  ☆142Updated 2 years ago
• mrexodia / phnt-single-header
  Single header version of System Informer's phnt library.
  ☆221Updated last week
• HoShiMin / formatPE
  A bunch of parsers for PE and PDB formats in C++
  ☆246Updated last year
• notscimmy / pplib
  Elevate a process to be a protected process
  ☆150Updated 5 years ago
• Fyyre / DrvMon
  Advanced driver monitoring utility.
  ☆210Updated 2 years ago
• hfiref0x / AuthHashCalc
  Authenticode Hash Calculator for PE32/PE32+ files
  ☆111Updated last year
• Fyyre / ntdll
  ntdll.h - compatible with MSVC 6.0, Intel C++ Compiler and MinGW. Serves as a complete replacement for Windows.h
  ☆139Updated 5 years ago
• diversenok / Suspending-Techniques
  Comparing, discussing, and bypassing various techniques for suspending and freezing processes on Windows.
  ☆124Updated 3 years ago
• m417z / global-inject-demo
  A global injection and hooking example
  ☆141Updated last year
• thesecretclub / SandboxBootkit
  Bootkit for Windows Sandbox to disable DSE/PatchGuard.
  ☆280Updated 7 months ago
• Ido-Moshe-Github / CiDllDemo
  Use ci.dll API for validating Authenticode signature of files
  ☆140Updated 3 years ago
• mrexodia / driver_unpacking
  Ghetto user mode emulation of Windows kernel drivers.
  ☆139Updated 7 months ago
• DownWithUp / ALPC-Example
  An example of a client and server using Windows' ALPC functions to send and receive data.
  ☆96Updated 4 months ago
• kkent030315 / anycall
  x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration
  ☆322Updated 2 years ago
• ryan-weil / HideProcessHook
  DLL that hooks the NtQuerySystemInformation API and hides a process name
  ☆288Updated 2 years ago
• ajkhoury / ApiSet
  API Set resolver for Windows
  ☆133Updated 8 months ago
• zodiacon / windowskernelprogrammingbook2e
  Samples for the book Windows Kernel Programming, 2nd edition
  ☆338Updated 5 months ago
• SamuelTulach / HookGuard
  Hooking Windows' exception dispatcher to protect process's PML4
  ☆174Updated 4 months ago
• MiroKaku / Musa.Veil
  Collection of undocumented Windows API declarations.
  ☆314Updated this week
• hfiref0x / WubbabooMark
  Debugger Anti-Detection Benchmark
  ☆332Updated last year
• zodiacon / WinSpy
  Enhanced version of the classic Spy++ tool
  ☆198Updated last year
• repnz / apc-research
  APC Internals Research Code
  ☆166Updated 4 years ago
• NewWorldComingSoon / llvm-msvc
  This project migrated to https://github.com/backengineering/llvm-msvc
  ☆82Updated last year
• 0vercl0k / udmp-parser
  A Cross-Platform C++ parser library for Windows user minidumps with Python 3 bindings.
  ☆204Updated 6 months ago
• pathtofile / PPLRunner
  Run Processes as PPL with ELAM
  ☆163Updated 3 years ago
• JustasMasiulis / wow64pp
  A modern c++ implementation of windows heavens gate
  ☆222Updated 4 years ago
• zodiacon / ApiSetView
  API Set Viewer
  ☆89Updated 4 months ago
• MiroKaku / Musa.Core
  Use ntdll/ntoskrnl to implement Kernel32, Advapi32 and other APIs. It includes user-mode and kernel-mode.
  ☆82Updated last week
• adamhlt / Manual-DLL-Loader
  Custom LoadLibrary / GetProcAddress (x86 / x64) - Load DLL and retrieve functions manually
  ☆91Updated last year