Alternatives and similar repositories for elam:

Users that are interested in elam are comparing it to the libraries listed below

• 0xMegaByte / COM-Explained
  ☆25Updated 2 years ago
• jsecurity101 / MSFT_DriverBlockList
  Repository of Microsoft Driver Block Lists based off of OS-builds
  ☆39Updated last year
• passthehashbrowns / hook-integrity-checks
  ☆21Updated 3 years ago
• pr0tean / TelemetrySourcerer-patched
  Tiny driver patch to allow kernel callbacks to work on Win10 21h1
  ☆34Updated 3 years ago
• alfarom256 / PebLdr
  ☆15Updated 4 years ago
• DimopoulosElias / Primitives
  ☆31Updated 4 years ago
• polakow / WindowsBypassSMEP
  Example for PagedOut!
  ☆24Updated 5 years ago
• s4dbrd / ETWReader
  Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich
  ☆16Updated 10 months ago
• ch3rn0byl / WinDbg-Extensions
  ☆18Updated 4 years ago
• mobdk / CloneProcess
  Clone running process with ZwCreateProcess
  ☆57Updated 4 years ago
• ASkyeye / CVE-2018-19320
  Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)
  ☆20Updated 5 years ago
• sbousseaden / injection-1
  Windows process injection methods
  ☆15Updated 5 years ago
• trailofbits / WinDbg-JS
  ☆24Updated last year
• bananabr / Givemeahand
  A PoC tool for exploiting leaked process and thread handles
  ☆31Updated last year
• Idov31 / UdpInspector
  Listing UDP connections with remote address without sniffing.
  ☆29Updated last year
• yo-yo-yo-jbo / anti_debugging_intro
  ☆24Updated 2 years ago
• AlionGreen / apc-injection
  Process Injection: APC Injection
  ☆30Updated 4 years ago
• Maff1t / InjectNtdllPOC
  Process Injection without R/W target memory and without creating a remote thread
  ☆18Updated 3 years ago
• iammaguire / Salient-Rootkit
  A kernel mode Windows rootkit in development.
  ☆48Updated 3 years ago
• namazso / PEDiffGen
  Subtract one PE file from another!
  ☆22Updated 3 years ago
• RobinFassinaMoschiniForks / TransitionalPeriod
  Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits
  ☆28Updated 2 years ago
• ph4s3tw0 / GetProcAddressCaseStudies
  Six cases demonstrating methods of optimizing GetProcAddress
  ☆17Updated 3 years ago
• rbmm / Noname
  really ?
  ☆12Updated last year
• waleedassar / SyscallNumberExtractor
  ☆24Updated 3 years ago
• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆28Updated last year
• keowu / InstrumentationCallbackToolKit
  A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using Instrumentation…
  ☆26Updated last year
• matterpreter / cpuid
  A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class
  ☆26Updated last year
• MMitsuha / Tajimari
  the Open Source and Pure C++ Packer for eXecutables
  ☆20Updated 2 years ago
• SolomonSklash / COM-Hijacking
  An example of COM hijacking using a proxy DLL.
  ☆28Updated 3 years ago
• waleedassar / ALPC_CLIENT_SERVER
  Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.
  ☆21Updated 3 years ago