Alternatives and similar repositories for S12URootkit

Users that are interested in S12URootkit are comparing it to the libraries listed below

• ProcessusT / UnhookingDLL
  This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…
  ☆70Updated last year
• MastMind / PE-infector
  Crossplatform tool for inject shellcode into .exe and .dll binaries (x86 and x64)
  ☆60Updated last year
• ZeroMemoryEx / Tokenizer
  Kernel Mode Driver for Elevating Process Privileges
  ☆133Updated 2 years ago
• aplyc1a / PEMemoryLoader
  Load static-compiled PE from remote server.
  ☆62Updated 3 years ago
• JrM2628 / httpworker
  A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…
  ☆90Updated last year
• ASkyeye / FilelessRemotePE
  Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique
  ☆63Updated 2 years ago
• oldboy21 / SyscallMeMaybe
  Implementation of Indirect Syscall technique to pop a calc.exe
  ☆102Updated last year
• waawaa / breakcyserver
  ☆49Updated 2 years ago
• Konis-Bros / espio
  Shellcode obfuscation tool to avoid AV/EDR.
  ☆127Updated last year
• SaadAhla / D1rkSleep
  Improved version of EKKO by @5pider that Encrypts only Image Sections
  ☆119Updated 2 years ago
• ZeroMemoryEx / Bypass-Sandbox-Evasion
  Bypass Malware Sandbox Evasion Ram check
  ☆137Updated 2 years ago
• reveng007 / ReflectiveNtdll
  A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…
  ☆169Updated 2 years ago
• NUL0x4C / GP
  using the gpu to hide your payload
  ☆58Updated 2 years ago
• ZeroMemoryEx / Overlord
  abusing Process Hacker driver to terminate other processes (BYOVD)
  ☆82Updated 2 years ago
• gavz / ExplorerPersist
  Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when …
  ☆84Updated 2 years ago
• brosck / Frosty
  「🧊」Ring 3 Rootkit for Windows 10
  ☆58Updated 5 months ago
• su1s / encryptor
  Windows shellcode encoding and encrypting tool
  ☆21Updated 3 years ago
• Hagrid29 / BYOVDKit
  bring your own vulnerable driver
  ☆98Updated 2 years ago
• S12cybersecurity / NinjaInjector
  Classic Process Injection with Memory Evasion Techniques implemantation
  ☆70Updated last year
• Wh04m1001 / IFaultrepElevatedDataCollectionUAC
  ☆133Updated 2 years ago
• Vasco0x4 / ShadeLoader
  ShadeLoader is a shellcode loader designed to bypass most antivirus software. 壳代码, 杀毒软件, 绕过
  ☆40Updated 2 weeks ago
• S12cybersecurity / PDFTypeSpoofing
  PDF Icon File Type Spoofer
  ☆15Updated 10 months ago
• S12cybersecurity / RatInject
  Rat Inject is C++ Executable to gain Undetectable Persistence in Windows via 4 Registry Keys
  ☆30Updated 2 years ago
• Kr0ff / WinMalDev
  Various methods of executing shellcode
  ☆70Updated 2 years ago
• cbrnrd / maliketh
  🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python
  ☆45Updated last year
• fortra / CVE-2024-6769
  Activation cache poisoning to elevate from medium to high integrity (CVE-2024-6769)
  ☆71Updated 8 months ago
• CICADA8-Research / TypeLibWalker
  TypeLib persistence technique
  ☆115Updated 7 months ago
• DamonMohammadbagher / NativePayload_PE1
  NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R…
  ☆60Updated 2 years ago
• sexyiam / UAC-Bypass
  UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.
  ☆48Updated last year
• arsium / ShellCodeExec
  My personal shellcode loader
  ☆31Updated 2 years ago