Alternatives and similar repositories for kernel-programming

Users that are interested in kernel-programming are comparing it to the libraries listed below

• matterpreter / cpuid
  A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class
  ☆26Updated 2 years ago
• rbmm / Services
  ☆18Updated 10 months ago
• therealdreg / dregate
  call gates as stable comunication channel for NT x86 and Linux x86_64
  ☆32Updated 2 years ago
• MMitsuha / Tajimari
  the Open Source and Pure C++ Packer for eXecutables
  ☆21Updated 2 years ago
• 0vercl0k / KEPaboo
  Neutralize KEPServerEX anti-debugging techniques
  ☆33Updated 2 years ago
• frank2 / blenny
  A payload delivery system which embeds payloads in an executable's icon file!
  ☆74Updated last year
• gkucherin / de4dot
  .NET deobfuscator and unpacker (with a control flow unflattener for DoubleZero added).
  ☆29Updated 3 years ago
• SpiralBL0CK / CVE-2024-40431-CVE-2022-25479-EOP-CHAIN
  CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK)
  ☆45Updated last year
• bluefrostsecurity / Windows-Drive-Remapping-EoP
  ☆34Updated 2 years ago
• yo-yo-yo-jbo / anti_debugging_intro
  ☆26Updated 2 years ago
• bartblaze / DotNet-MetaData
  Identifies metadata of .NET binary files.
  ☆21Updated last year
• cocomelonc / 2022-01-24-malware-injection-15
  Process injection via KernelCallbackTable
  ☆13Updated 3 years ago
• connormcgarr / An-Intro-2-Win-ED
  "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast …
  ☆41Updated 5 years ago
• 0xv1n / proc-suspend
  powershell script i wrote that can suspend an arbitrary process (with limits)
  ☆22Updated 2 years ago
• theabysslabs / CVE-2022-21881
  POC of CVE-2022-21881 exploited at TianfuCup 2021 to escape Chrome Sandbox
  ☆21Updated 3 years ago
• xoreaxecx / PEmimic
  A PE morphing tool that allows you to mimic one executable file to another.
  ☆11Updated last year
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆36Updated 3 years ago
• klezVirus / DCKFinder
  Dangling COM Keys Finder
  ☆17Updated 4 years ago
• Idov31 / talks-and-publications
  Released presentations of my talks + code that used during these talks
  ☆15Updated last year
• connormcgarr / Presentations
  ☆30Updated 2 months ago
• X-C3LL / memdlopen-lib
  ☆13Updated 2 years ago
• X-Junior / Malware-IDAPython-Scripts
  ☆22Updated last year
• rbmm / Noname
  really ?
  ☆12Updated last year
• EgeBalci / syscall_api
  ☆38Updated 2 years ago
• yoavshah / ImportlessApi
  ☆17Updated last year
• hasherezade / flareon2023
  ☆24Updated last year
• dis0rder0x00 / CanYouCTheThief
  A C implementation of the Sektor7 "A Thief" Windows privesc technique.
  ☆67Updated 3 years ago
• paranoidninja / DotNetTracer
  C code to enable ETW tracing for Dotnet Assemblies
  ☆32Updated 3 years ago
• lleon1435 / Kernel_VADInjector
  Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver
  ☆52Updated 2 years ago
• Dump-GUY / VoiceC2_POC
  Simple POC of Voice C2 using Speech Recognition
  ☆13Updated 3 years ago