Alternatives and similar repositories for GrayFrost:

Users that are interested in GrayFrost are comparing it to the libraries listed below

• deroko / SPPLUAObjectUacBypass
  ☆45Updated 6 years ago
• GrayKernel / GrayStorm
  In memory attack platform for C# Applications
  ☆51Updated 5 years ago
• DoubleLabyrinth / ProcessHollowing
  ☆35Updated 5 years ago
• mobdk / CloneProcess
  Clone running process with ZwCreateProcess
  ☆58Updated 4 years ago
• Microwave89 / syscalltest
  PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls
  ☆39Updated 9 years ago
• ashr / netrefject
  Inject .Net payloads into other .Net assemblies on disk
  ☆61Updated 5 years ago
• jackson5sec / ShimDB
  Shim database persistence (Fin7 TTP)
  ☆36Updated 4 years ago
• OsandaMalith / PESecInfo
  A simple tool to view important DLL Characteristics and change DEP and ASLR
  ☆44Updated 6 years ago
• hotnops / COM_Mapper
  A tool to create COM class/interface relationships in neo4j
  ☆47Updated 2 years ago
• DanusMinimus / Injections
  A repository where I share my injection implemintations
  ☆29Updated 4 years ago
• ambray / DotNetReflectiveLoading
  ☆31Updated 7 years ago
• BreakingMalwareResearch / CFGExceptions
  Adding exceptions to Microsoft's Control Flow Guard (CFG)
  ☆59Updated 8 years ago
• hasherezade / tag_converter
  ☆22Updated 3 years ago
• deroko / activationcontexthook
  ☆33Updated 7 years ago
• djhohnstein / ProcessReimaging
  Process reimaging proof of concept code
  ☆95Updated 5 years ago
• securesean / Shim-Process-Scanner
  Windows x64 Process Scanner to detect application compatability shims
  ☆36Updated 6 years ago
• nettitude / DLLInjection
  DLL Injection Library & Tools
  ☆71Updated 8 years ago
• Sentinel-One / minhook
  The Minimalistic x86/x64 API Hooking Library for Windows
  ☆32Updated 6 years ago
• ycscaly / Privilege-Escalation-Framework
  Privilege Escilation training project, with an emphasis on the distinction between vulnerability research & it's exposure and exploitatio…
  ☆35Updated 8 years ago
• ionescu007 / hazmat5
  Local OXID Resolver (LCLOR) : Research and Tooling
  ☆34Updated 3 years ago
• nmulasmajic / syscall_exploit_CVE-2018-8897
  Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).
  ☆116Updated 6 years ago
• dsnezhkov / exclave
  ☆16Updated 3 years ago
• DimopoulosElias / Primitives
  ☆31Updated 4 years ago
• daem0nc0re / HEVD-CSharpKernelPwn
  CSharp Writeups for HackSys Extreme Vulnerable Driver
  ☆43Updated 3 years ago
• aaaddress1 / dnLauncher
  ☆36Updated 3 years ago
• jthuraisamy / av-fingerprints
  Antivirus Emulator Fingerprints
  ☆27Updated 6 years ago
• jackullrich / Windows-API-Fuzzer
  Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.
  ☆96Updated 4 years ago
• hasherezade / loaderine
  A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.
  ☆19Updated 6 years ago
• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆28Updated last year
• NtRaiseHardError / Sysmon
  Sysmon shenanigans
  ☆66Updated 4 years ago