Alternatives and similar repositories for ramiel

Users that are interested in ramiel are comparing it to the libraries listed below

• 3itch / checkm8
  bypassing intel txt's tboot integrity checks via coreboot shim
  ☆70Updated 3 months ago
• connormcgarr / EATGuard
  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
  ☆105Updated 2 years ago
• zer0condition / Demystifying-PatchGuard
  Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…
  ☆122Updated 2 years ago
• kkent030315 / Van1338
  A journal for $6,000 Riot Vanguard bounty.
  ☆64Updated last year
• zer0condition / ZeroThreadKernel
  Recursive and arbitrary code execution at kernel-level without a system thread creation
  ☆157Updated 2 years ago
• jonaslyk / temp
  ☆71Updated 2 years ago
• dmaivel / ntoseye
  Windows kernel debugger for Linux hosts running Windows under KVM/QEMU
  ☆85Updated last month
• carlos-al / user-kernel-syscall-hook
  ☆90Updated last year
• 0x1c1101 / blazing_asm
  Simple, fast and lightweight x86-64 Assembler Library for C++ / Header-Only
  ☆57Updated last week
• KiFilterFiberContext / warbird-obfuscator
  Integration of Microsoft Warbird with the MSVC compiler
  ☆105Updated last year
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆107Updated 2 years ago
• xsh3llsh0ck / Deadwing
  SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.
  ☆88Updated 8 months ago
• CaledoniaProject / drivers-binaries
  Exploitable drivers, you know what I mean
  ☆133Updated last year
• tandasat / CVE-2024-21305
  Report and exploit of CVE-2024-21305.
  ☆36Updated last year
• KiFilterFiberContext / warbird-hook
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆248Updated 2 years ago
• irql / CVE-2021-31728
  vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.
  ☆91Updated 4 years ago
• djolertrk / kovid-obfuscation-passes
  A set of LLVM and GCC based plugins that perform code obfuscation.
  ☆125Updated this week
• backengineering / sigbreaker-llvm-lit
  All LLVM binaries scrambled with SigBreaker and used to test against llvm-lit
  ☆16Updated last month
• SamuelTulach / HookGuard
  Hooking Windows' exception dispatcher to protect process's PML4
  ☆178Updated 5 months ago
• tandasat / CVE-2023-36427
  Report and exploit of CVE-2023-36427
  ☆90Updated last year
• Tserith / Parasite
  Compact MBR Bootkit for Windows
  ☆52Updated 3 years ago
• rbmm / NtDetours
  Detours implementation (x64/x86) which used only ntdll import
  ☆90Updated last year
• Dump-GUY / IDA_PHNT_TYPES
  Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).
  ☆143Updated 10 months ago
• xsh3llsh0ck / ResilienceKit
  Another UEFI runtime bootkit
  ☆29Updated 2 years ago
• D4stiny / ExceptionOrientedProgramming
  Abusing exceptions for code execution.
  ☆111Updated 2 years ago
• brew02 / BudgetEPT
  Create stealthy, inline, EPT-like hooks using SMAP and SMEP
  ☆55Updated 8 months ago
• android1337 / brkida
  C++ macro for x64 programs that breaks ida hex-rays decompiler tool.
  ☆118Updated last year
• floesen / KExecDD
  Admin to Kernel code execution using the KSecDD driver
  ☆251Updated last year
• Archie-osu / PowerHook
  Hooking KPRCB IdlePreselect function to gain execution inside PID 0.
  ☆65Updated 2 months ago
• 3itch / icekit
  I/O Cache-As-Ram + AMD x86_64 cache line locking | Mirror of https://codeberg.org/3itch/icekit
  ☆14Updated 3 months ago