trac3me

autopsy

Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.

Blackbone

Windows memory hacking library

chtmoneyhub

Automatically exported from code.google.com/p/chtmoneyhub

FLIRTDB

A community driven collection of IDA FLIRT signature files

hidden

Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc

Kernel-AntiCheat

MBox

Windows tool box library

openedr

Open EDR public repository

openlibs

Open Source Libraries Collection

ossec-hids

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

processhacker

A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.

SecretDisk2

simpleAVdriver

Simple AntiVirus Driver example

sleuthkit

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

SystemExplorer

Windows System Explorer

TelemetrySourcerer

Enumerate and disable common sources of telemetry used by AV/EDR.

WindowsDriver

Windows过滤驱动-helloworld