Alternatives and similar repositories for Occulto

Users that are interested in Occulto are comparing it to the libraries listed below

• NewWorldComingSoon / UnknownField
  UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.
  ☆44Updated 2 years ago
• iqrw0 / DieDMAProtection
  ☆25Updated last year
• idkhidden / idashare
  idashare is an IDA Pro plugin that allows you to quickly share the currently loaded binary and IDA database over a local HTTP server with…
  ☆11Updated 3 months ago
• andrew9382 / manual_mapping_dll_injector
  manual mapping injector
  ☆27Updated 3 years ago
• gmh5225 / FakeEnclave
  A poc that abuses Enclave
  ☆38Updated 2 years ago
• stdhu / windows-kernel-pagehook
  windows kernel pagehook
  ☆40Updated 2 years ago
• xtremegamer1 / vmdevirt-vtil
  ☆27Updated last year
• boom-cr3 / NotifyRoutineHijackThread
  Hijack NotifyRoutine for a kernelmode thread
  ☆42Updated 3 years ago
• mike1k / HardwareBreakpoint
  X86/X64 Hardware Breakpoint Manager
  ☆41Updated 4 years ago
• bytesundso / SneakCalls
  direct systemcalls with a modern c++20 interface.
  ☆43Updated 2 years ago
• 1401199262 / InstrumentationCallback
  ☆27Updated 2 years ago
• ioncodes / rapid-kdbg-hyperv
  ☆15Updated 2 years ago
• hugsy / modern-cpp-windows-driver-template
  Windows driver template, using C++20 & cmake & GithubActions
  ☆22Updated 11 months ago
• 1401199262 / HookHvcallCodeVa
  ☆23Updated 2 years ago
• Qfrost911 / KACE
  Emulate Drivers in RING3 with self context mapping or unicorn
  ☆19Updated 6 months ago
• ByteWhite1x1 / PatchGuardResearch
  Bypassing kernel patch protection runtime
  ☆20Updated 2 years ago
• vxcall / ZwDetectMemoryRead
  neat way to detect memory read using nt layer function.
  ☆14Updated last year
• Midi12 / whse
  WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API
  ☆23Updated 3 years ago
• r3bb1t / vmp_analyzer
  ☆36Updated 2 years ago
• sum-catnip / kptnhook
  windows kernelmode driver to inject dll into each and every process and perform systemwide function hooking
  ☆54Updated 2 years ago
• backengineering / vmhook
  A demonstration of hooking into the VMProtect-2 virtual machine
  ☆20Updated last year
• helloobaby / Nmi-Callback
  detect hypervisor with Nmi Callback
  ☆39Updated 2 years ago
• MiroKaku / HRSword-Portable
  https://www.huorong.cn/
  ☆14Updated last year
• kkent030315 / CiGetCertPublisherName
  An example code of CiGetCertPublisherName
  ☆16Updated 3 years ago
• backengineering / pdbgen2
  Generate a PDB file given the old PDB file and an address mapping
  ☆48Updated 4 months ago
• Nitr0-G / Rework-part-of-z3-proving
  This is the PoC of a dynamic lifter and deobfuscator with collecting trace.
  ☆35Updated last year
• Mrikan8 / kernel-hook
  Just tried, unusable
  ☆41Updated 8 months ago
• emlinhax / DriverTimestampFaker
  Fake Timestamps of Driver Certificates while keeping validity.
  ☆18Updated 4 years ago
• sh4m2hwz / devirt_vmp
  devirtualization vmprotect
  ☆62Updated 2 years ago
• backengineering / msrexec
  Elevate arbitrary MSR writes to kernel execution.
  ☆38Updated last year