Alternatives and similar repositories for stegosphere:

Users that are interested in stegosphere are comparing it to the libraries listed below

• roadwy / Record
  ☆16Updated 10 years ago
• 0xcpu / exthost
  A POC for Windows Extension Host hooking
  ☆22Updated 5 years ago
• 474172261 / windows-CET
  ☆13Updated last year
• NtRaiseHardError / Windows-Binary-Exploitation
  Resources from my journey into Windows binary exploitation
  ☆22Updated 6 years ago
• polakow / WindowsBypassSMEP
  Example for PagedOut!
  ☆24Updated 5 years ago
• John-Yu / Simple_PE_packer
  The project was upgraded from https://coder.pub/ and supported VS2017. The original author wrote the detailed design ideas documentation…
  ☆19Updated 7 years ago
• rtyuiow / vmware-backdoor
  vmware-backdoor
  ☆33Updated 3 years ago
• Lima-X / XOrCryptEx
  XOrCryptEx lightweight C Utility/Algorithm
  ☆11Updated 2 years ago
• OrShazam / ChainEngine
  automates exploits using ROP chains, using ntdll-scraper
  ☆16Updated 2 years ago
• h4xu3lyn / NTLib
  Headers for linking your software with ntdll.dll
  ☆15Updated 4 years ago
• mgeeky / prc_xchk
  User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.
  ☆19Updated 8 years ago
• NtRaiseHardError / Phage
  Reflective DLL Injection style process infector
  ☆20Updated 6 years ago
• shubham0d / SymBlock
  A windows kernel driver to Block symbolic link exploit used for privilege escalation.
  ☆10Updated 4 years ago
• NtRaiseHardError / Providence
  Kernel-mode file scanner
  ☆18Updated 6 years ago
• perturbed-platypus / UEFIWriteCPP
  ☆11Updated 5 years ago
• hasherezade / pe_utils
  A set of small utilities, helpers for PIN tracers
  ☆31Updated last year
• JKornev / NTlib
  Static library and headers for linking your software with ntdll.dll
  ☆32Updated 5 years ago
• hasherezade / loaderine
  A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.
  ☆19Updated 6 years ago
• hasherezade / hidden_bee_tools
  Parser for a custom executable format from Hidden Bee malware (first stage)
  ☆39Updated 4 months ago
• blaquee / APCHook
  hooking KiUserApcDispatcher
  ☆23Updated 7 years ago
• ryan-weil / Code-Cave
  Injects position-dependent code into a code cave in an executable file, and applies relocations.
  ☆23Updated last year
• n4r1b / WdFilter-Research
  Data and structures regarding the research done on WdFilter
  ☆12Updated 4 years ago
• Trietptm-on-Coding-Algorithms / ZeroBank-ring0-bundle
  Kernel-Mode rootkit that connects to a remote server to send & recv commands
  ☆31Updated 6 years ago
• ambray / DotNetReflectiveLoading
  ☆31Updated 7 years ago
• xmmword / x0
  Hardware Spoofing & VirtualBox-Hardening x64 Bootkit
  ☆16Updated 2 years ago
• thalium / WinDbgFastObj
  ☆21Updated 3 years ago
• SLAUC91 / DLLFinder
  Enumerate the DLLs/Modules using NtQueryVirtualMemory
  ☆32Updated 9 years ago
• lallouslab / Ganxo_
  An opensource API hooking framework
  ☆21Updated 5 years ago
• michaeljgoodman / Dumpulator-IDA
  Currently proof-of-concept
  ☆16Updated 3 years ago
• d35ha / PEReflectiveInjection
  Remote PE reflective injection with a simple reflective loader
  ☆30Updated 5 years ago