Alternatives and similar repositories for elam

Users that are interested in elam are comparing it to the libraries listed below

• ch3rn0byl / WinDbg-Extensions
  ☆18Updated 4 years ago
• trailofbits / WinDbg-JS
  ☆24Updated last year
• 0xMegaByte / COM-Explained
  ☆25Updated 2 years ago
• pr0tean / TelemetrySourcerer-patched
  Tiny driver patch to allow kernel callbacks to work on Win10 21h1
  ☆34Updated 3 years ago
• Flawww / NtSyscaller
  Manually perform syscalls without going through any external API or DLL.
  ☆18Updated 2 years ago
• keowu / InstrumentationCallbackToolKit
  A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using Instrumentation…
  ☆31Updated last year
• mobdk / CloneProcess
  Clone running process with ZwCreateProcess
  ☆57Updated 4 years ago
• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆28Updated last year
• jonny-jhnson / MSFT_DriverBlockList
  Repository of Microsoft Driver Block Lists based off of OS-builds
  ☆39Updated last year
• benheise / ANGRYORCHARD
  A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.
  ☆30Updated 2 years ago
• alfarom256 / PebLdr
  ☆15Updated 4 years ago
• polakow / WindowsBypassSMEP
  Example for PagedOut!
  ☆24Updated 5 years ago
• matterpreter / cpuid
  A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class
  ☆26Updated last year
• s4dbrd / ETWReader
  Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich
  ☆16Updated 11 months ago
• connormcgarr / Presentations
  ☆28Updated 7 months ago
• rbmm / Noname
  really ?
  ☆12Updated last year
• DimopoulosElias / Primitives
  ☆31Updated 4 years ago
• sbousseaden / injection-1
  Windows process injection methods
  ☆17Updated 5 years ago
• Maff1t / InjectNtdllPOC
  Process Injection without R/W target memory and without creating a remote thread
  ☆18Updated 3 years ago
• MMitsuha / Tajimari
  the Open Source and Pure C++ Packer for eXecutables
  ☆21Updated 2 years ago
• Idov31 / UdpInspector
  Listing UDP connections with remote address without sniffing.
  ☆29Updated last year
• waleedassar / ALPC_CLIENT_SERVER
  Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.
  ☆21Updated 3 years ago
• therealdreg / windbgtocstruct
  Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…
  ☆26Updated last year
• AlionGreen / apc-injection
  Process Injection: APC Injection
  ☆33Updated 4 years ago
• connormcgarr / Kernel-Escalation-of-Privileges-Payloads
  NT AUTHORITY\SYSTEM
  ☆38Updated 4 years ago
• therealdreg / Win.Cerdalux
  WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs
  ☆18Updated last year
• passthehashbrowns / hook-integrity-checks
  ☆21Updated 4 years ago
• AzAgarampur / byeintegrity3-uac
  Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler
  ☆29Updated 3 years ago
• bluefrostsecurity / Windows-Drive-Remapping-EoP
  ☆31Updated last year
• iammaguire / Salient-Rootkit
  A kernel mode Windows rootkit in development.
  ☆49Updated 3 years ago