Alternatives and similar repositories for YandexDecrypt

Users that are interested in YandexDecrypt are comparing it to the libraries listed below

• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆72Updated last year
• cbrnrd / maliketh
  🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python
  ☆44Updated last year
• ntdll0 / HVNC
  My POC implementation of HVNC (Hidden VNC / Hidden Desktop)
  ☆23Updated 4 months ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆89Updated 11 months ago
• ngn13 / shrk
  LKM rootkit for modern kernels, with DNS C2 and a simple web interface
  ☆65Updated last month
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆74Updated 9 months ago
• 0xPrimo / KMDllInjector
  kernel-mode DLL Injector
  ☆74Updated 3 weeks ago
• joaoviictorti / dinvk
  Dynamically invoke arbitrary code with Rust tricks, #[no_std] support, and compatibility for x64, x86, ARM64 and WoW64 (DInvoke)
  ☆77Updated last week
• Cracked5pider / kaine-assembly
  a demo module for the kaine agent to execute and inject assembly modules
  ☆38Updated 8 months ago
• NtDallas / Ulfberht
  Shellcode loader
  ☆81Updated 5 months ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated 10 months ago
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆37Updated this week
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆63Updated 2 weeks ago
• Maldev-Academy / GhostlyHollowingViaTamperedSyscalls
  Implementing the ghostly hollowing PE injection technique using tampered syscalls.
  ☆151Updated 2 months ago
• mannyfred / SentinelBruh
  Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution
  ☆42Updated 10 months ago
• joaoviictorti / coffeeldr
  A COFF Loader written in Rust
  ☆100Updated last week
• rbmm / SC
  shell code example
  ☆49Updated this week
• ameenalkerdy / ETWShellcodeLoader
  Shellcode Loader Utilizing ETW Events
  ☆63Updated 2 months ago
• Archie-osu / PowerHook
  Hooking KPRCB IdlePreselect function to gain execution inside PID 0.
  ☆63Updated last month
• S12cybersecurity / NinjaInjector
  Classic Process Injection with Memory Evasion Techniques implemantation
  ☆69Updated last year
• Teach2Breach / early_cascade_inj_rs
  early cascade injection PoC based on Outflanks blog post, in rust
  ☆58Updated 6 months ago
• Maldev-Academy / LsassHijackingViaReg
  Injecting DLL into LSASS at boot
  ☆105Updated 2 weeks ago
• Allevon412 / ReflectiveDLLInjector
  This program is used to perform reflective DLL Injection to a remote process specified by the user.
  ☆65Updated last year
• gatariee / ldrgen
  Template-based generation of shellcode loaders
  ☆77Updated last year
• AzAgarampur / byeintegrity9-uac
  ☆36Updated 2 years ago
• NtDallas / Fenrir
  stack spoofing
  ☆84Updated 6 months ago
• m417z / thread-call-stack-scanner
  Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…
  ☆76Updated 2 weeks ago
• AlSch092 / HideStaticReferences
  Research into removing strings & API call references at compile-time (Anti-Analysis)
  ☆25Updated 11 months ago
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆56Updated 9 months ago
• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆154Updated 5 months ago