Alternatives and similar repositories for HiddenNtRegistry:

Users that are interested in HiddenNtRegistry are comparing it to the libraries listed below

• DownWithUp / DynamicKernelShellcode
  An example of how x64 kernel shellcode can dynamically find and use APIs
  ☆104Updated 4 years ago
• NtRaiseHardError / Dreadnought
  PoC for detecting and dumping code injection (built and extended on UnRunPE)
  ☆56Updated 6 years ago
• NtRaiseHardError / AntiHook
  PoC designed to evade userland-hooking anti-virus.
  ☆88Updated 5 years ago
• NtRaiseHardError / Anti-Delete
  Protects deletion of files with a specified extension using a kernel-mode driver.
  ☆75Updated 6 years ago
• uvbs / NT-APC-Injector
  APC DLL Injector with NtQueueApcThread and wake up thread support
  ☆42Updated 7 years ago
• djhohnstein / ProcessReimaging
  Process reimaging proof of concept code
  ☆95Updated 5 years ago
• hoangprod / DanSpecial
  Weaponizing Gigabyte driver for priv escalation and bypass PPL
  ☆68Updated 5 years ago
• UserExistsError / DllLoaderShellcode
  Shellcode to load an appended Dll
  ☆88Updated 4 years ago
• Sentinel-One / minhook
  The Minimalistic x86/x64 API Hooking Library for Windows
  ☆32Updated 6 years ago
• NextSecurity / Gozi-MBR-rootkit
  Gozi-MBR-rootkit Bootkit Modified
  ☆68Updated 8 years ago
• JKornev / hijacken
  Analyze and attack windows applications using dll hijacking vulnerabilities
  ☆56Updated 5 years ago
• NtRaiseHardError / UnRunPE
  PoC for detecting and dumping process hollowing code injection
  ☆51Updated 6 years ago
• killswitch-GUI / HotLoad-Driver
  C++
  ☆80Updated 8 years ago
• DoubleLabyrinth / ProcessHollowing
  ☆35Updated 5 years ago
• 86hh / DreamLoader
  Simple 32/64-bit PEs loader.
  ☆136Updated 6 years ago
• AzAgarampur / byeintegrity3-uac
  Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler
  ☆28Updated 3 years ago
• Truneski / WindowsKernelProgramming-Exercises
  ☆49Updated 4 years ago
• zhuhuibeishadiao / exploit-RemoteDesktopServerDriver
  exploit termdd.sys(support kb4499175)
  ☆58Updated 5 years ago
• splunk / PPLinject
  Inject unsigned DLL into Protected Process Light (PPL)
  ☆18Updated 2 months ago
• 3gstudent / Inject-dll-by-Process-Doppelganging
  Process Doppelgänging
  ☆155Updated 7 years ago
• b23r0 / MakeCode
  Dll Convert to Shellcode.
  ☆40Updated 2 years ago
• tophertimzen / shellcodeTester
  GUI Application in C# to run and disassemble shellcode
  ☆35Updated 7 years ago
• jackullrich / TRunPE
  A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…
  ☆93Updated 5 years ago
• 3gstudent / Shellcode-Generater
  No inline asm,support x86/x64
  ☆64Updated 3 years ago
• SouhailHammou / KernelSymbolsHelper
  Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…
  ☆53Updated 5 years ago
• Jyang772 / HideProcessHookMDL
  A simple rootkit to hide a process
  ☆46Updated 11 years ago
• papadp / reflective-injection-detection
  a program to detect reflective dll injection on a live machine
  ☆75Updated 9 years ago
• Microwave89 / rtsectiontest
  An Attempt to Bypass Memory Scanners By Misusing the ntdll.dll "RT" Section.
  ☆95Updated 9 years ago
• FuzzySecurity / Driver-Template
  Bare template for a Kernel Mode Driver
  ☆51Updated 4 years ago
• whitephone / Windows-Rootkits
  ☆26Updated 7 years ago