Alternatives and similar repositories for AntiVM

Users that are interested in AntiVM are comparing it to the libraries listed below

• S12cybersecurity / FreeThreadHijacking
  Perform Thread Hijacking Shellcode Injection without OpenProcess and OpenThread mapping all the free handles in memory
  ☆12Updated 10 months ago
• S12cybersecurity / VirtualAlloc-Implementation
  My Own VirtualAlloc Implementation to use as alternative unknown for all the defense solutions of VirtualAlloc Win32 API Function
  ☆9Updated last year
• S12cybersecurity / PDFTypeSpoofing
  PDF Icon File Type Spoofer
  ☆15Updated 10 months ago
• varwara / CVE-2024-21338
  PoC for the Untrusted Pointer Dereference in the appid.sys driver
  ☆16Updated last year
• S12cybersecurity / PrivilegeEscalationClass
  C++ Privilege Escalation Class to execute Process As Admin from User and Process as NT AUTHORITY SYSTEM from Admin
  ☆22Updated last year
• crvvdev / cpp-ransomware
  C\C++ Ransomware example using RSA and AES-128 with BCrypt library on Windows
  ☆17Updated 2 years ago
• buzzer-re / BulletTrain
  A manual PE mapping implementation, aka reflective loader
  ☆19Updated 2 years ago
• EvilBytecode / Evilbytecode-Gate
  Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…
  ☆21Updated last month
• S12cybersecurity / ProcList
  C++ Script to list active processes with name, PID, Parent PID and User running it
  ☆10Updated 2 years ago
• XaFF-XaFF / MBR-Overwrite-with-custom-message
  Overwrite MBR and add own custom message
  ☆17Updated 5 years ago
• android1337 / crycall
  Compile-Time Calls Obfuscator for C++14+
  ☆43Updated last year
• Idov31 / UdpInspector
  Listing UDP connections with remote address without sniffing.
  ☆29Updated last year
• samshine / ScyllaHideDetector2
  Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes.
  ☆26Updated 5 years ago
• NUL0x4C / RecycleBinPersistence
  using the Recycle Bin to insure persistence
  ☆12Updated 2 years ago
• AdiMarianMutu / PE-File-Infection
  Infects PE files with a shellcode
  ☆19Updated 6 years ago
• x0reaxeax / Fetch-n-Exec
  An x64 binary executing code that's not inside of it.
  ☆16Updated 2 years ago
• AzAgarampur / PsForge
  Process Hollowing demonstration & explanation
  ☆35Updated 4 years ago
• Soju06 / kernelLoader
  Windows 10/11 unsigned kernel driver load/debugging
  ☆12Updated 2 years ago
• SkarSys / windows-kernel-trojan
  A windows kernel mode driver that spoofs serial numbers when mapped and executes a malicious payload (FULLY from kernel!!!)
  ☆31Updated 7 months ago
• PaulNorman01 / Dynamizer
  Reduce Dynamic Analysis Detection Rates With Built-In Unhooker, Anti Analysis Techniques, And String Obfuscator Modules.
  ☆19Updated 2 years ago
• C5Hackr / Segment-Encryption
  ☆25Updated 7 months ago
• S12cybersecurity / KeyloggerS12
  C++ keylogger to save all the keys pressed into a local txt file
  ☆11Updated 2 years ago
• NUL0x4C / GP
  using the gpu to hide your payload
  ☆58Updated 2 years ago
• un4ckn0wl3z / AbuseWin32
  Collection of Win32 with C++/Assembly for Hooking, Patch and Reversing PE file
  ☆12Updated 2 years ago
• keowu / InstrumentationCallbackToolKit
  A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using Instrumentation…
  ☆31Updated last year
• x0reaxeax / SilentWrite
  PoC arbitrary WPM without a process handle
  ☆19Updated last year
• 0mWindyBug / FileHide
  filter driver to hide files and directories
  ☆20Updated last year
• qwqdanchun / RainbowSheep
  Change hash for a signed pe
  ☆16Updated last year
• DanielAvinoam / TheSubZeroProject
  A multi-staged malware that contains a kernel mode rootkit and a remote system shell.
  ☆71Updated 4 years ago
• rbmm / RtlClone
  ☆40Updated 3 months ago