Alternatives and similar repositories for guilty-as-yara

Users that are interested in guilty-as-yara are comparing it to the libraries listed below

• Octoberfest7 / ThreadCPUAssignment_POC
  A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread
  ☆30Updated 2 months ago
• ig-labs / defender-mpengine-fuzzing
  Fuzzing Harness and Unpatched Crash Results from Fuzzing Defender MpEngine
  ☆38Updated 4 months ago
• MrAle98 / ATDCM64a-LPE
  ☆21Updated 10 months ago
• RomanRybachek / CVE-2024-20698
  Analysis of the vulnerability
  ☆49Updated last year
• uf0o / Counterfeit_Object_Oriented_Programming_COOP
  ☆14Updated last year
• SpiralBL0CK / CVE-2024-40431-CVE-2022-25479-EOP-CHAIN
  CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK)
  ☆45Updated last year
• synacktiv / windows_kernel_shadow_stack
  Proof of concepts demonstrating some aspects of the Windows kernel shadow stack mitigation.
  ☆53Updated 6 months ago
• SpecterOps / ipc-research
  Inter-Process Communication Mechanisms
  ☆28Updated 5 years ago
• bluefrostsecurity / Windows-Drive-Remapping-EoP
  ☆34Updated 2 years ago
• omair2084 / msmq_re
  ☆24Updated 2 years ago
• tyranid / windows-memory-access-traps
  A few examples of how to trap virtual memory access on Windows.
  ☆38Updated 11 months ago
• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆30Updated 2 years ago
• theabysslabs / CVE-2022-21881
  POC of CVE-2022-21881 exploited at TianfuCup 2021 to escape Chrome Sandbox
  ☆21Updated 3 years ago
• watchtowrlabs / CVE-2025-0282
  Ivanti Connect Secure IFT TLS Stack Overflow pre-auth RCE (CVE-2025-0282)
  ☆30Updated 10 months ago
• Wa1nut4 / CVE-2024-26230
  LPE of CVE-2024-26230
  ☆24Updated last year
• EgeBalci / syscall_api
  ☆38Updated 2 years ago
• MMitsuha / Tajimari
  the Open Source and Pure C++ Packer for eXecutables
  ☆21Updated 2 years ago
• EvanMcBroom / fuse-loader
  Load a dynamic library from memory using a fuse mount
  ☆31Updated 2 years ago
• wolfcod / beacondbg
  Beacon Debugger
  ☆55Updated last year
• UmaRex01 / HookSentry
  Check if your AV/EDR does inline hooking, displays the hooked functions and allows you to compare them with the original ones.
  ☆36Updated 7 months ago
• pwndorei / CVE-2024-38080
  poc code for CVE-2024-38080
  ☆29Updated last year
• susMdT / clr-thing
  rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.
  ☆17Updated last year
• Dor00tkit / CVE-2024-30090
  CVE-2024-30090 - LPE PoC
  ☆108Updated last year
• 3sjay / sploits
  some sploits
  ☆18Updated last year
• cbwang505 / FilesystemEoPDesktopSystemShell
  Folder Or File Delete to Get System Shell on Current Session Desktop
  ☆47Updated 10 months ago
• hd3s5aa / CVE-2023-21674
  ☆38Updated last year
• zeze-zeze / HITCON-2023-Demo-CVE-2023-20562
  ☆60Updated 2 years ago
• Slowerzs / CryptDecryptMemory
  ☆31Updated last year
• xpn / ObjectOverloadingPOC
  ☆62Updated 3 years ago
• p0dalirius / FindProcessesWithNamedPipes
  A simple C++ Windows tool to get information about processes exposing named pipes.
  ☆39Updated 9 months ago