Alternatives and similar repositories for ramiel

Users that are interested in ramiel are comparing it to the libraries listed below

• 3itch / checkm8
  bypassing intel txt's tboot integrity checks via coreboot shim
  ☆67Updated 2 months ago
• backengineering / sigbreaker-llvm-lit
  All LLVM binaries scrambled with SigBreaker and used to test against llvm-lit
  ☆16Updated 3 weeks ago
• carlos-al / user-kernel-syscall-hook
  ☆90Updated last year
• KiFilterFiberContext / warbird-hook
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆245Updated 2 years ago
• rbmm / NtDetours
  Detours implementation (x64/x86) which used only ntdll import
  ☆89Updated 11 months ago
• SamuelTulach / HookGuard
  Hooking Windows' exception dispatcher to protect process's PML4
  ☆174Updated 4 months ago
• dmaivel / ntoseye
  Windows kernel debugger for Linux hosts running Windows under KVM/QEMU
  ☆81Updated last week
• zer0condition / Demystifying-PatchGuard
  Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…
  ☆121Updated 2 years ago
• namazso / dll-universal-patcher
  A universal binary patching dll.
  ☆89Updated 7 months ago
• connormcgarr / EATGuard
  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
  ☆105Updated 2 years ago
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆92Updated 2 years ago
• tandasat / CVE-2024-21305
  Report and exploit of CVE-2024-21305.
  ☆34Updated last year
• CaledoniaProject / drivers-binaries
  Exploitable drivers, you know what I mean
  ☆132Updated last year
• zer0condition / ZeroThreadKernel
  Recursive and arbitrary code execution at kernel-level without a system thread creation
  ☆154Updated 2 years ago
• cursey / x64-virtualizer-rs
  x86-64 virtualizing obfuscator written in Rust
  ☆77Updated last year
• Archie-osu / PowerHook
  Hooking KPRCB IdlePreselect function to gain execution inside PID 0.
  ☆63Updated last month
• djolertrk / kovid-obfuscation-passes
  A set of LLVM and GCC based plugins that perform code obfuscation.
  ☆123Updated 2 weeks ago
• xsh3llsh0ck / Deadwing
  SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.
  ☆86Updated 7 months ago
• D4stiny / ExceptionOrientedProgramming
  Abusing exceptions for code execution.
  ☆111Updated 2 years ago
• kkent030315 / Van1338
  A journal for $6,000 Riot Vanguard bounty.
  ☆63Updated last year
• pRain1337 / Hermes
  SMM UEFI module and client for UMD privilege escalation
  ☆46Updated last week
• Azvanzed / CVE-2024-44083
  Makes IDA (most versions) to crash upon opening it.
  ☆88Updated 9 months ago
• irql / CVE-2021-31728
  vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.
  ☆92Updated 4 years ago
• tandasat / hvext
  The Windbg extensions to study Hyper-V on Intel and AMD processors.
  ☆153Updated 2 months ago
• xsh3llsh0ck / ResilienceKit
  Another UEFI runtime bootkit
  ☆30Updated 2 years ago
• jonaslyk / temp
  ☆71Updated 2 years ago
• synctop / tpm-mmio
  Using MMIO (Memory-Mapped I/O) to read TPM 2.0 public Endorsement Key.
  ☆40Updated last year
• kkent030315 / MsIoExploit
  Exploit MsIo vulnerable driver
  ☆104Updated 3 years ago
• SamuelTulach / PwnedBoot
  Using Windows' own bootloader as a shim to bypass Secure Boot
  ☆170Updated 10 months ago
• eversinc33 / unKover
  PoC Anti-Rootkit/Anti-Cheat Driver.
  ☆197Updated last month