Alternatives and similar repositories for ProcessHider:

Users that are interested in ProcessHider are comparing it to the libraries listed below

• landhb / HideProcess
  A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager
  ☆667Updated 6 years ago
• rootm0s / Injectors
  💉 DLL/Shellcode injection techniques
  ☆704Updated 6 years ago
• rootm0s / Protectors
  🛡️ Obfuscator, Encryption, Junkcode, Anti-Debug, PE protection/modification
  ☆513Updated 7 years ago
• hfiref0x / UPGDSED
  Universal PatchGuard and Driver Signature Enforcement Disable
  ☆840Updated 6 years ago
• hfiref0x / TDL
  Driver loader for bypassing Windows x64 Driver Signature Enforcement
  ☆1,113Updated 5 years ago
• secrary / InfectPE
  InfectPE - Inject custom code into PE file [This project is not maintained anymore]
  ☆322Updated 7 years ago
• wbenny / injdrv
  proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC
  ☆1,208Updated 11 months ago
• kernelm0de / ProcessHider
  Hide Process From Task Manager using Usermode API Hooking
  ☆344Updated 3 years ago
• hasherezade / dll_to_exe
  Converts a DLL into EXE
  ☆808Updated last year
• Mattiwatti / PPLKiller
  Protected Processes Light Killer
  ☆923Updated 2 years ago
• aaaddress1 / RunPE-In-Memory
  Run a Exe File (PE Module) in memory (like an Application Loader)
  ☆886Updated 4 years ago
• hasherezade / demos
  Demos of various injection techniques found in malware
  ☆791Updated 3 years ago
• d35ha / CallObfuscator
  Obfuscate specific windows apis with different apis
  ☆1,000Updated 4 years ago
• hzqst / Syscall-Monitor
  Syscall Monitor is a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows7+
  ☆737Updated 7 years ago
• Zer0Mem0ry / RunPE
  Code that allows running another windows PE in the same address space as the host process.
  ☆442Updated 8 years ago
• 9176324 / Shark
  Turn off PatchGuard in real time for win7 (7600) ~ later
  ☆1,008Updated 2 years ago
• ciyze0101 / Windows-Rootkits
  ☆484Updated 4 years ago
• hfiref0x / DSEFix
  Windows x64 Driver Signature Enforcement Overrider
  ☆750Updated 6 years ago
• theevilbit / injection
  ☆811Updated 5 years ago
• can1357 / ByePg
  Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.
  ☆864Updated 5 years ago
• nettitude / SimplePELoader
  In-Memory PE Loader
  ☆372Updated 5 years ago
• JKornev / hidden
  🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc
  ☆1,890Updated 2 years ago
• NytroRST / ShellcodeCompiler
  Shellcode Compiler
  ☆1,091Updated 7 months ago
• tishion / mmLoader
  A library for loading dll module bypassing windows PE loader from memory (x86/x64)
  ☆546Updated last year
• sud01oo / ProcessInjection
  Some ways to inject a DLL into a alive process
  ☆360Updated 6 years ago
• hasherezade / libpeconv
  A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
  ☆1,203Updated last month
• jackullrich / ShellcodeStdio
  An extensible framework for easily writing compiler optimized position independent x86 / x64 shellcode for windows platforms.
  ☆515Updated 5 years ago
• hfiref0x / SyscallTables
  Windows NT Syscall tables
  ☆1,269Updated last week
• HyperSine / Windows10-CustomKernelSigners
  Load self-signed drivers without TestSigning or disable DSE. Transferred from https://github.com/DoubleLabyrinth/Windows10-CustomKernelSi…
  ☆725Updated 5 years ago
• ThomasThelen / Anti-Debugging
  A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.
  ☆562Updated 3 years ago