Alternatives and similar repositories for EAKC-EnumAllKernelCallbacks

Users that are interested in EAKC-EnumAllKernelCallbacks are comparing it to the libraries listed below

• Flerov / TS-Changer

  View on GitHub
  TS-Changer - Forces the machine in/out of TestSigning Mode at runtime.
  ☆66Aug 14, 2023Updated 2 years ago
• zer0condition / GDRVLib

  View on GitHub
  Virtual and physical memory hacking library using gigabyte vulnerable driver
  ☆71Apr 9, 2023Updated 2 years ago
• Nariod / Tartocitron

  View on GitHub
  Tartocitron is a repo to have fun with malwares and the Rust language. This repo provides working examples of dropper written in Rust.
  ☆11May 31, 2022Updated 3 years ago
• Correia-jpv / fucking-awesome-rust

  View on GitHub
  A curated list of Rust code and resources. With repository stars⭐ and forks🍴
  ☆14Updated this week
• Nitr0-G / DriverLoader

  View on GitHub
  it's a driver injector or driver loader header lib(Windows)
  ☆12Aug 5, 2023Updated 2 years ago
• asteria121 / HalPrivateDispatchTableHook

  View on GitHub
  Hook syscalls from ring0 without triggering PatchGuard
  ☆24Oct 29, 2025Updated 3 months ago
• EvilBytecode / Eset-Unload

  View on GitHub
  Eset-Unload is a C++ tool that interacts with a process's loaded modules to identify and unload the ebehmoni.dll module, typically found …
  ☆12Apr 21, 2025Updated 9 months ago
• demon-i386 / binarybinarybinary

  View on GitHub
  some AV / EDR / analysis studies
  ☆10May 21, 2023Updated 2 years ago
• havenlabs / seconddate

  View on GitHub
  Source data & analysis of NSA SECONDDATE packet-injection framework
  ☆11Apr 9, 2017Updated 8 years ago
• gmh5225 / LetMeGG

  View on GitHub
  POC about how to prevent windbg break
  ☆15Oct 3, 2022Updated 3 years ago
• boy-hack / memory_snake

  View on GitHub
  内存分析中玩贪吃蛇
  ☆16Jan 13, 2024Updated 2 years ago
• 0mWindyBug / WFPCalloutReserach

  View on GitHub
  research revolving the windows filtering platform callout mechanism
  ☆38May 26, 2024Updated last year
• stuxnet147 / luna-1

  View on GitHub
  ☆17Dec 18, 2020Updated 5 years ago
• orangecertcc / ss7-fragz

  View on GitHub
  Fragging SS7 for fun and profit
  ☆19Nov 3, 2021Updated 4 years ago
• emiltayl / encrust

  View on GitHub
  Rust crate to obfuscate strings and byte arrays so they are not in memory when not in use.
  ☆19Dec 23, 2025Updated last month
• StephanvanSchaik / hy-rs

  View on GitHub
  hy-rs, pronounced high rise, provides a unified and portable to the hypervisor APIs provided by various platforms.
  ☆20Mar 10, 2022Updated 3 years ago
• benheise / ANGRYORCHARD

  View on GitHub
  A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.
  ☆52Sep 20, 2022Updated 3 years ago
• DimopoulosElias / SimpleMimikatzObfuscator

  View on GitHub
  A set of commands to bypass Defender (and some other AVs)
  ☆20Jul 25, 2019Updated 6 years ago
• The-Sword-of-Constantine / rmtrd

  View on GitHub
  a kernel mode solution for detecting and prevent malicious threads creation in target process
  ☆22Jan 13, 2026Updated last month
• soufianetahiri / AD-Pentest-Cheatsheet

  View on GitHub
  AD Pentest Cheatsheet by BlackWasp
  ☆23Oct 10, 2022Updated 3 years ago
• Vicshann / Common

  View on GitHub
  Some eternal WIP stuff :)
  ☆20Nov 18, 2025Updated 2 months ago
• Nordgaren / stealth-win

  View on GitHub
  ☆48Jul 24, 2023Updated 2 years ago
• ScriptIdiot / sw2-secinject

  View on GitHub
  Section Mapping Process Injection modified with SysWhisper2 (sw2-secinject): Cobalt Strike BOF
  ☆44Jun 23, 2022Updated 3 years ago
• TheCruZ / SigMaker-x64

  View on GitHub
  ☆23Oct 15, 2024Updated last year
• kkent030315 / anyvtop

  View on GitHub
  x64 Windows implementation of virtual-address to physical-address translation
  ☆46Jun 3, 2021Updated 4 years ago
• paranoidninja / Proxy-Function-Calls-For-ETwTI

  View on GitHub
  The code is a pingback to the Dark Vortex blog: https://0xdarkvortex.dev/hiding-memory-allocations-from-mdatp-etwti-stack-tracing/
  ☆209Jan 29, 2023Updated 3 years ago
• m417z / LdrDllNotificationHook

  View on GitHub
  Hook all callbacks which are registered with LdrRegisterDllNotification
  ☆96Apr 3, 2025Updated 10 months ago
• Sh3lldon / WinPWN

  View on GitHub
  This repo for Windows x32-x64 Kernel/User Mode Exploitation writeups and exploits
  ☆24Oct 20, 2025Updated 3 months ago
• fitzgen / winliner

  View on GitHub
  The WebAssembly Indirect Call Inliner
  ☆27Oct 18, 2023Updated 2 years ago
• TakahiroHaruyama / VDR

  View on GitHub
  Vulnerable driver research tool, result and exploit PoCs
  ☆228Nov 1, 2023Updated 2 years ago
• xu-Wan / HypercallPageHook

  View on GitHub
  POC Hook of nt!HvcallCodeVa
  ☆54May 8, 2023Updated 2 years ago
• 0mWindyBug / KDP-compatible-driver-loader

  View on GitHub
  KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys
  ☆164Jun 14, 2024Updated last year
• ly4k / Impacket

  View on GitHub
  Modified version of Impacket to use dynamic NTLMv2 Challenge/Response
  ☆20Dec 26, 2022Updated 3 years ago
• andreiverse / WindowsPotatoes

  View on GitHub
  A list of windows potatoes!
  ☆26Mar 6, 2022Updated 3 years ago
• dnz-c / VulnDriverFinder

  View on GitHub
  browse microsoft driver server for potentially vulnerable drivers
  ☆30May 7, 2024Updated last year
• sonyps5201314 / RemoveApiSets

  View on GitHub
  RemoveApiSets is a program that can replace the ApiSets Dlls that already depend on ApiSets Dlls with MSVCR14X Dlls
  ☆33Oct 6, 2024Updated last year
• Bl4ckM1rror / PEAs

  View on GitHub
  ☆61Dec 15, 2023Updated 2 years ago
• KiFilterFiberContext / warbird-hook

  View on GitHub
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆265Aug 31, 2022Updated 3 years ago
• frank2 / oxide

  View on GitHub
  A PoC packer written in Rust!
  ☆74Apr 1, 2022Updated 3 years ago