Alternatives and similar repositories for kiteshield:

Users that are interested in kiteshield are comparing it to the libraries listed below

• namazso / linux_injector
  A simple ptrace-less shared library injector for x64 Linux
  ☆253Updated last year
• elfmaster / linker_preloading_virus
  An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses
  ☆61Updated 2 years ago
• SilentVoid13 / Silent_Packer
  An ELF / PE binary packer written in pure C, made for fun
  ☆80Updated 9 months ago
• lcashdol / UPX
  A utility to fix intentionally corrupted UPX packed files.
  ☆82Updated last year
• zeze-zeze / ioctlance
  A tool that is used to hunt vulnerabilities in x64 WDM drivers
  ☆167Updated last year
• elfmaster / maya
  Highly advanced Linux anti-exploitation and anti-tamper binary protector for ELF.
  ☆154Updated 2 years ago
• kirschju / debugmenot
  Collection of simple anti-debugging tricks for Linux
  ☆57Updated 6 years ago
• sha0coder / mwemu
  x86 malware emulator
  ☆207Updated this week
• yardenshafir / IoRingReadWritePrimitive
  Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2
  ☆224Updated 2 years ago
• malisal / loaders
  Tiny loaders for various binary formats.
  ☆228Updated 8 years ago
• reveng007 / reveng_rtkit
  Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypa…
  ☆240Updated last year
• hasherezade / process_overwriting
  Yet another variant of Process Hollowing
  ☆357Updated 10 months ago
• sad0p / d0zer
  Elf binary infector written in Go.
  ☆206Updated last week
• advanced-microcode-patching / shiva
  A custom ELF linker/loader for installing ET_REL binary patches at runtime
  ☆153Updated 3 months ago
• Cr4sh / KernelForge
  A library to develop kernel level Windows payloads for post HVCI era
  ☆380Updated 3 years ago
• commial / ttd-bindings
  Bindings for Microsoft WinDBG TTD
  ☆217Updated last year
• realoriginal / bootlicker
  A generic UEFI bootkit used to achieve initial usermode execution. It works with modifications.
  ☆406Updated last year
• ropfuscator / ropfuscator
  ROPfuscator is a fine-grained code obfuscation framework for C/C++ programs using ROP (return-oriented programming).
  ☆422Updated 8 months ago
• janoglezcampos / llvm-yx-callobfuscator
  LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
  ☆264Updated last year
• Signal-Labs / IOCTLDump
  ☆139Updated last year
• alexander-hanel / msdocsviewer
  msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.
  ☆148Updated last year
• odzhan / aes_dust
  Unlicensed tiny / small portable implementation of 128/256-bit AES encryption in C, x86, AMD64, ARM32 and ARM64 assembly
  ☆121Updated 4 months ago
• D4stiny / ExceptionOrientedProgramming
  Abusing exceptions for code execution.
  ☆108Updated last year
• SheLLVM / SheLLVM
  A collection of LLVM transform and analysis passes to write shellcode in regular C
  ☆370Updated last year
• Error996 / bdvl
  bdvl
  ☆111Updated 2 years ago
• c0de90e7 / GhostWriting
  GhostWriting Injection Technique.
  ☆166Updated 6 years ago
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆129Updated last year
• leandrofroes / gftrace
  A command line Windows API tracing tool for Golang binaries.
  ☆156Updated last year
• Dump-GUY / IDA_PHNT_TYPES
  Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).
  ☆124Updated 4 months ago
• repnz / autochk-rootkit
  Reverse engineered source code of the autochk rootkit
  ☆199Updated 5 years ago