Alternatives and similar repositories for PushPin

Users that are interested in PushPin are comparing it to the libraries listed below

• Cr4sh / pico_dma
  Autonomous pre-boot DMA attack hardware implant for M.2 slot based on PicoEVB development board
  ☆83Updated last year
• ufrisk / LeechCore
  LeechCore - Physical Memory Acquisition Library & The LeechAgent Remote Memory Acquisition Agent
  ☆635Updated last month
• w1u0u1 / kinject
  Kernel shellcode injector
  ☆143Updated 4 years ago
• gmh5225 / ntoskrnl_file_collection
  Collect various versions of ntoskrnl files
  ☆54Updated last year
• not-wlan / driver-hijack
  ☆153Updated 5 years ago
• Oliver-1-1 / SmmInfect
  ☆213Updated 2 weeks ago
• jussihi / SMM-Rootkit
  SMM rootkit similar to LoJax or MosaicRegressor
  ☆126Updated last year
• gmh5225 / CallMeWin32kDriver
  Load your driver like win32k.sys
  ☆255Updated 2 years ago
• AdamOron / PatchGuardBypass
  Bypassing PatchGuard on modern x64 systems
  ☆260Updated 2 years ago
• 1401199262 / Hook-KdTrap
  ☆209Updated 2 years ago
• ufrisk / LeechCore-plugins
  Plugins related to LeechCore
  ☆35Updated last week
• pRain1337 / Hermes
  SMM UEFI module and client for UMD privilege escalation
  ☆47Updated last month
• fengjixuchui / gdrv-loader
  Kernel driver loader using vulnerable gigabyte driver (https://www.secureauth.com/labs/advisories/gigabyte-drivers-elevation-privilege-vu…
  ☆244Updated 3 years ago
• 0mWindyBug / KDP-compatible-driver-loader
  KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys
  ☆150Updated last year
• VollRagm / PTView
  Browse Page Tables on Windows (Page Table Viewer)
  ☆210Updated 3 years ago
• kkent030315 / MsIoExploit
  Exploit MsIo vulnerable driver
  ☆107Updated 3 years ago
• kkent030315 / PageTableInjection
  Code Injection, Inject malicious payload via pagetables pml4.
  ☆240Updated 3 years ago
• zouxianyu / KernelHiddenExecute
  Hide codes/data in the kernel address space.
  ☆190Updated 4 years ago
• KiFilterFiberContext / warbird-hook
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆248Updated 2 years ago
• kkent030315 / NoPatchGuardCallback
  x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code
  ☆204Updated 4 years ago
• SamuelTulach / rainbow
  Hide SMBIOS/disk/NIC serials from EFI bootkit
  ☆300Updated 4 years ago
• CheckPointSW / showstopper
  ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…
  ☆208Updated 2 years ago
• Deputation / hygieia
  Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.
  ☆145Updated 3 years ago
• Fyyre / DrvMon
  Advanced driver monitoring utility.
  ☆212Updated 2 years ago
• utoni / PastDSE
  DSE bypass using a leaked cert and adjusting the current clock.
  ☆151Updated 2 years ago
• thesecretclub / callout-poc
  ☆146Updated 4 years ago
• 0mWindyBug / GhostMapperUM
  manual map unsigned driver over signed memory
  ☆196Updated last year
• SamuelTulach / SecureFakePkg
  Simple EFI runtime driver that hooks GetVariable function and returns data expected by Windows to make it think that it's running with se…
  ☆166Updated 3 years ago
• secrary / Hooking-via-InstrumentationCallback
  codes for my blog post: https://secrary.com/Random/InstrumentationCallback/
  ☆177Updated 7 years ago
• tanduRE / AvastHV
  Hooking SSDT with Avast Internet Security Hypervisor
  ☆117Updated 6 years ago