Alternatives and similar repositories for WFPExplorer

Users that are interested in WFPExplorer are comparing it to the libraries listed below

• zodiacon / ObjectExplorer
  Explore Kernel Objects on Windows
  ☆216Updated last month
• zodiacon / windowskernelprogrammingbook2e
  Samples for the book Windows Kernel Programming, 2nd edition
  ☆337Updated 5 months ago
• zodiacon / TotalPE2
  PE Viewer
  ☆181Updated 4 months ago
• repnz / etw-providers-docs
  Document ETW providers
  ☆234Updated 5 years ago
• hzqst / FuckCertVerifyTimeValidity
  This tiny project prevents the signtool from verifing cert time validity and let you sign your bin with outdated cert without changing sy…
  ☆231Updated 6 years ago
• hfiref0x / AuthHashCalc
  Authenticode Hash Calculator for PE32/PE32+ files
  ☆111Updated last year
• progmboy / openprocmon
  open source process monitor
  ☆274Updated last month
• utoni / PastDSE
  DSE bypass using a leaked cert and adjusting the current clock.
  ☆153Updated 2 years ago
• zodiacon / ProcMonXv2
  Process Monitor X v2
  ☆613Updated last year
• itm4n / PPLcontrol
  Controlling Windows PP(L)s
  ☆326Updated last year
• zodiacon / EtwExplorer
  View ETW Provider manifest
  ☆489Updated 7 months ago
• MiroKaku / Musa.Veil
  Collection of undocumented Windows API declarations.
  ☆314Updated this week
• jdu2600 / Windows10EtwEvents
  Events from all manifest-based and mof-based ETW providers across Windows 10 versions
  ☆299Updated last year
• M2Team / Privexec
  Run the program with the specified permission level (C++20 required)
  ☆344Updated 3 months ago
• m417z / ntdoc
  Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers
  ☆257Updated last week
• 0xf005ba11 / vmplex-ws
  A tabbed UI for Microsoft's Hyper-V
  ☆217Updated 9 months ago
• anzelesnik / SyscallHook
  System call hook for Windows 10 20H1
  ☆493Updated 3 years ago
• bb107 / MemoryModulePP
  MemoryModule which compatible with Win32 API and support exception handling
  ☆402Updated 3 months ago
• cyberark / RPCMon
  RPC Monitor tool based on Event Tracing for Windows
  ☆356Updated 9 months ago
• namazso / physmem_drivers
  A collection of various vulnerable (mostly physical memory exposing) drivers.
  ☆387Updated 2 years ago
• DamonMohammadbagher / ETWProcessMon2
  ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detecti…
  ☆302Updated last year
• ntdiff / headers
  ☆165Updated 8 months ago
• MiroKaku / libwsk
  The Kernel-Mode Winsock library, supporting TCP, UDP and Unix sockets (DGRAM and STREAM).
  ☆245Updated 4 months ago
• mandiant / STrace
  A DTrace on Windows Reimplementation
  ☆348Updated 3 months ago
• pathtofile / PPLRunner
  Run Processes as PPL with ELAM
  ☆163Updated 3 years ago
• mrexodia / phnt-single-header
  Single header version of System Informer's phnt library.
  ☆221Updated last week
• BeneficialCode / WinArk
  Windows Anti-Rootkit Tool
  ☆502Updated 2 months ago
• ryan-weil / HideProcessHook
  DLL that hooks the NtQuerySystemInformation API and hides a process name
  ☆288Updated 2 years ago
• m417z / global-inject-demo
  A global injection and hooking example
  ☆141Updated last year
• HyperSine / Windows10-CustomKernelSigners
  Load self-signed drivers without TestSigning or disable DSE. Transferred from https://github.com/DoubleLabyrinth/Windows10-CustomKernelSi…
  ☆734Updated 5 years ago