Alternatives and similar repositories for Evader

Users that are interested in Evader are comparing it to the libraries listed below

• 0x25bit / DarkCrypter
  A Simple AES Command Line Crypter
  ☆36Updated 2 years ago
• NtRaiseHardError / NINA
  NINA: No Injection, No Allocation x64 Process Injection Technique
  ☆226Updated 5 years ago
• eLoopWoo / zwhawk
  A kernel rootkit with remote command and control interface for windows
  ☆110Updated 7 years ago
• nickcano / RelocBonus
  An obfuscation tool for Windows which instruments the Windows Loader into acting as an unpacking engine.
  ☆307Updated 6 years ago
• DanielAvinoam / TheSubZeroProject
  A multi-staged malware that contains a kernel mode rootkit and a remote system shell.
  ☆74Updated 4 years ago
• DarxiSR / CRYLINE-v5.0
  Cryline project - It's a simple test ransomware for Windows OS without stable encryption. Pls use this source code for study purposes on…
  ☆59Updated 4 months ago
• MahmoudZohdy / Process-Injection-Techniques
  Various Process Injection Techniques
  ☆156Updated 3 years ago
• akuafif / hXOR-Packer
  A PE (Portable Executable) packer with Huffman Compression and Xor encryption.
  ☆64Updated 4 years ago
• hasherezade / module_overloading
  A more stealthy variant of "DLL hollowing"
  ☆359Updated last year
• XaFF-XaFF / Shellcodev
  Shellcodev is a tool designed to help and automate the process of shellcode creation.
  ☆111Updated last year
• MandConsultingGroup / ring3-kit
  Hides Process From Task Manager Using NT API Hooking (NtQuerySystemInformation)
  ☆79Updated 2 years ago
• 0x25bit / hackingLibrary
  ‪APT,‬ ‪Cyber warfare,‬ ‪Penetration testing,‬ ‪Zero-day,Exploiting,‬Fuzzing,Privilege-Escalation,browser-security‪,Spyware,Malwres evade…
  ☆35Updated 6 years ago
• dr4k0nia / XorStringsNET
  Easy XOR string encryption for NET based binaries
  ☆140Updated last year
• jackullrich / TRunPE
  A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…
  ☆98Updated 5 years ago
• t3rabyt3-zz / Gozi
  Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years.
  ☆65Updated 7 years ago
• dr4k0nia / Origami
  Packer compressing .net assemblies, (ab)using the PE format for data storage
  ☆171Updated 2 years ago
• fcccode / Vx-Engines
  Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware
  ☆31Updated 5 years ago
• dalvarezperez / CreateFile_based_rootkit
  ☆136Updated 6 months ago
• dadas190 / Heavens-Gate-2.0
  Executes 64bit code from a 32bit process
  ☆235Updated 8 years ago
• josh0xA / threadfire
  PoC Thread Execution Hijacking for Win32 Code Injection
  ☆179Updated last year
• bytecode77 / slui-file-handler-hijack-privilege-escalation
  Slui File Handler Hijack UAC Bypass Local Privilege Escalation
  ☆94Updated 2 months ago
• NYAN-x-CAT / Anti-Analysis
  Detect virtual environment
  ☆67Updated 6 years ago
• MalwareTech / ZombifyProcess
  Inject code into a legitimate process
  ☆145Updated 10 years ago
• LloydLabs / Windows-API-Hashing
  This is a simple example and explanation of obfuscating API resolution via hashing
  ☆237Updated 5 years ago
• call-042PE / UCantSeeM3
  Hiding your process in ProcessHacker,Task Manager,etc by patching NtQuerySystemInformation
  ☆88Updated 4 years ago
• NtRaiseHardError / AntiHook
  PoC designed to evade userland-hooking anti-virus.
  ☆90Updated 6 years ago
• AzAgarampur / PsForge
  Process Hollowing demonstration & explanation
  ☆34Updated 4 years ago
• alal4465 / Win_Rootkit
  A kernel-mode rootkit with remote control
  ☆218Updated 4 years ago
• etormadiv / HostingCLR
  Executing a .NET Assembly from C++ in Memory (CLR Hosting)
  ☆200Updated 8 years ago
• jackullrich / memfuck
  A PoC designed to bypass all usermode hooks in a WoW64 environment.
  ☆150Updated 5 years ago