Alternatives and similar repositories for Kernel-Rootkit-32Bit

Users that are interested in Kernel-Rootkit-32Bit are comparing it to the libraries listed below

• emlinhax / DbgViewEx
  combine the power of procmon and dbgview into one single application
  ☆8Updated last year
• AdiMarianMutu / PE-File-Infection
  Infects PE files with a shellcode
  ☆19Updated 6 years ago
• freakanonymous / DLL_ROOTKIT_loader
  Rootkit loader for your rootkit dll, x86/x64 system wide DLL injection (+appinit_dlls registry create) uses heavens gate
  ☆19Updated 4 years ago
• ManulMap / malstring
  Using c++23 compile-time magic to produce obfuscated PIC strings and arrays.
  ☆21Updated last year
• christianshub / process-injection-guard
  Signature scanner and API hooks to detect malicious process injection
  ☆27Updated 2 years ago
• 0mWindyBug / FileHide
  filter driver to hide files and directories
  ☆20Updated last year
• reverserb / Simple_PE_Loader
  ⚙️ Map and execute EXE in memory
  ☆10Updated 2 years ago
• Idov31 / UdpInspector
  Listing UDP connections with remote address without sniffing.
  ☆29Updated last year
• buzzer-re / BulletTrain
  A manual PE mapping implementation, aka reflective loader
  ☆19Updated 2 years ago
• f3di006 / ReverseSocks5
  Reverse Socks5 proxy for windows
  ☆14Updated 2 years ago
• xsh3llsh0ck / PicoHook
  Small driver that uses alternative syscalls feature (the project is still under development).
  ☆15Updated last year
• samshine / ScyllaHideDetector2
  Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes.
  ☆26Updated 5 years ago
• byte2mov / anti-process
  stop any process from looking into your process by hooking.
  ☆17Updated last year
• XShar / simple_rootkit_for_windows_fork_r77
  Скрытие процессов и файлов в user mode
  ☆21Updated 5 years ago
• sreeharshabandi / Captain
  Process Creation, Image Load and Thread Creation Notification
  ☆12Updated last year
• Lima-X / Win32.Nebula
  A packed & protected Module Loader and more, for 64-bit Windows
  ☆29Updated 4 years ago
• 1hAck-0 / zeroimport
  ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…
  ☆47Updated 2 years ago
• PELock / starter
  A small utility to run raw code chunks in the executable memory area.
  ☆14Updated 10 years ago
• Broihon / ProcessInfo
  A class to gather information about a process, its threads and modules.
  ☆24Updated 5 years ago
• DErDYAST1R / SilentFunctionCaller
  Allows for same-file KernelMode function execution using Encrypted addresses of Functions
  ☆36Updated 7 months ago
• 0mWindyBug / KeystrokeSniffer
  a windows kernel keylogger that works
  ☆20Updated last year
• zodiacon / DbgPrint
  Debug Print viewer (user and kernel)
  ☆66Updated last year
• TRIKbranch / RunPE-X86--X64-
  With this RunPE you can easily inject your payload in any x86 or x64 program.
  ☆14Updated 6 years ago
• hugsy / modern-cpp-windows-driver-template
  Windows driver template, using C++20 & cmake & GithubActions
  ☆22Updated 9 months ago
• Codeh4ck / MemoryPEInjector
  A tool that reads a PE file from a byte array buffer and injects it into memory.
  ☆27Updated 5 years ago
• Broihon / StartRoutine
  A library with four different methods to execute shellcode in a process
  ☆27Updated 5 years ago
• andrew9382 / manual_mapping_dll_injector
  manual mapping injector
  ☆27Updated 3 years ago
• x0reaxeax / rwlazer64
  Win64 UEFI Driver-based tool for unrestricted memory R/W
  ☆27Updated 3 years ago
• adamhlt / ASLR-Disabler
  ASLR Disabler (x86 / x64) - Little utility for disabling the ASLR on PE files
  ☆14Updated last year
• NUL0x4C / RecycleBinPersistence
  using the Recycle Bin to insure persistence
  ☆12Updated 2 years ago