Alternatives and similar repositories for MemTools

Users that are interested in MemTools are comparing it to the libraries listed below

• codetronik / KernelV
  Rootkit & Anti-rootkit
  ☆41Updated 2 years ago
• VeroFess / X64SystemCall
  All Nt Syscall and W32k Syscall in one asm, include, and call it!
  ☆58Updated 4 years ago
• NewWorldComingSoon / UnknownField
  UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.
  ☆44Updated 3 years ago
• moccajoghurt / MemWars
  ☆44Updated 7 years ago
• luciouskami / RemoveFlagTest
  Another method to anti ThreadHideFromDebugger
  ☆37Updated 6 years ago
• Barakat / windows.sandbox
  Windows sandbox PoC
  ☆32Updated 5 years ago
• nblog / Vm2Import
  fix vmprotect import function used unicorn-engine.
  ☆98Updated 2 years ago
• KiFilterFiberContext / VMP3-Disasm
  Experimental disassembler for x86 binaries virtualized by VMProtect 3
  ☆97Updated 3 years ago
• anzelesnik / MySyscall
  Example of hijacking system calls via function pointer tables
  ☆31Updated 4 years ago
• huoji120 / GpuzMaper
  using gpuz to load driver
  ☆36Updated 6 years ago
• Rat431 / ColdHide
  (DEPRECATED) A simple anti-anti debug library for Windows
  ☆30Updated 5 years ago
• luciouskami / APEX-EACBypass
  APEX-EACBypass(usermode)
  ☆48Updated 6 years ago
• vxcall / ZwDetectMemoryRead
  neat way to detect memory read using nt layer function.
  ☆14Updated 2 years ago
• Tai7sy / BE_Fuck
  BattlEye Emulator, modified from slicktors work.
  ☆14Updated 7 years ago
• hypn4 / FuckTP
  ☆23Updated 6 years ago
• yqsy / VT_demo
  ☆28Updated 8 years ago
• 9176324 / Daat
  a simple intel vt code both support x86 & x64. PatchGuard monitor.
  ☆77Updated 4 years ago
• DucaRii / vtable_hook
  easy to use vtable hook with RTTI support
  ☆23Updated 6 years ago
• notscimmy / libinject
  Currently supports injecting signed/unsigned DLLs in 64-bit processes
  ☆62Updated 5 years ago
• h4xu3lyn / FuckPg
  Analysing and defeating PatchGuard universally
  ☆36Updated 5 years ago
• 0ffffffffh / system_call_hook_win10_1903
  This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness
  ☆53Updated 6 years ago
• garzon / obfacros
  obfacros - a set of C++ macros that can be used to obfuscate your c/c++ code, to make executables harder for reverse-engineering.
  ☆46Updated 6 years ago
• can1357 / vmware-rpc
  Header-only VMWare Backdoor API Implementation & Effortless VMX Patcher for Custom Guest-to-Host RPCs
  ☆106Updated 5 years ago
• Gbps / CapcomLib
  A reflexive driver loader to bypass Windows DSE (featuring a custom PE loader)
  ☆43Updated 7 years ago
• ajkhoury / windbg_to_c
  Translates WinDbg "dt" structure dump to a C structure
  ☆13Updated 5 years ago
• KN4CK3R / XorStr
  ☆50Updated 6 years ago
• DragonQuestHero / QT-Process-Protect
  GUI Kernel driver process protect tool
  ☆38Updated 7 years ago
• huoji120 / battleye
  battleye shellcode
  ☆18Updated 6 years ago
• fIappy / FpVTProject
  intel vt-x hypervisor ept
  ☆25Updated 5 years ago
• rbapat / KernelInjector
  Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected
  ☆37Updated 7 years ago