Alternatives and similar repositories for elam:

Users that are interested in elam are comparing it to the libraries listed below

• alfarom256 / PebLdr
  ☆15Updated 4 years ago
• trailofbits / WinDbg-JS
  ☆23Updated last year
• passthehashbrowns / hook-integrity-checks
  ☆21Updated 3 years ago
• RobinFassinaMoschiniForks / TransitionalPeriod
  Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits
  ☆28Updated 2 years ago
• yo-yo-yo-jbo / anti_debugging_intro
  ☆23Updated last year
• rbmm / Noname
  really ?
  ☆12Updated last year
• ch3rn0byl / WinDbg-Extensions
  ☆18Updated 4 years ago
• d35ha / PEReflectiveInjection
  Remote PE reflective injection with a simple reflective loader
  ☆31Updated 5 years ago
• DimopoulosElias / Primitives
  ☆31Updated 4 years ago
• AlionGreen / apc-injection
  Process Injection: APC Injection
  ☆29Updated 4 years ago
• pr0tean / TelemetrySourcerer-patched
  Tiny driver patch to allow kernel callbacks to work on Win10 21h1
  ☆34Updated 3 years ago
• Flawww / NtSyscaller
  Manually perform syscalls without going through any external API or DLL.
  ☆18Updated last year
• 0xMegaByte / COM-Explained
  ☆25Updated 2 years ago
• Idov31 / UdpInspector
  Listing UDP connections with remote address without sniffing.
  ☆30Updated last year
• rbmm / Hollowed-Process
  ☆25Updated last month
• polakow / WindowsBypassSMEP
  Example for PagedOut!
  ☆24Updated 5 years ago
• waleedassar / SyscallNumberExtractor
  ☆24Updated 3 years ago
• bananabr / Givemeahand
  A PoC tool for exploiting leaked process and thread handles
  ☆30Updated last year
• mobdk / CloneProcess
  Clone running process with ZwCreateProcess
  ☆57Updated 4 years ago
• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆28Updated last year
• benheise / ANGRYORCHARD
  A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.
  ☆26Updated 2 years ago
• connormcgarr / Kernel-Escalation-of-Privileges-Payloads
  NT AUTHORITY\SYSTEM
  ☆39Updated 4 years ago
• alal4465 / HeavensGateHook
  Hooking Heavens Gate in a weekend
  ☆13Updated 3 years ago
• jsecurity101 / MSFT_DriverBlockList
  Repository of Microsoft Driver Block Lists based off of OS-builds
  ☆39Updated 11 months ago
• SolomonSklash / COM-Hijacking
  An example of COM hijacking using a proxy DLL.
  ☆28Updated 3 years ago
• Maff1t / InjectNtdllPOC
  Process Injection without R/W target memory and without creating a remote thread
  ☆18Updated 3 years ago
• DownWithUp / WarbirdExamples
  An example of how to use Microsoft Windows Warbird technology
  ☆27Updated last year
• bluefrostsecurity / Windows-Drive-Remapping-EoP
  ☆29Updated last year
• GetRektBoy724 / Breaking-Detecting-Direct-Syscall-Techniques
  A repository filled with ideas to break/detect direct syscall techniques
  ☆27Updated 2 years ago
• paranoidninja / DotNetTracer
  C code to enable ETW tracing for Dotnet Assemblies
  ☆31Updated 2 years ago