Alternatives and similar repositories for Occulto

Users that are interested in Occulto are comparing it to the libraries listed below

• Ahora57 / Unabomber
  Improved VMP Idea(detect anti-anti-debug tools by bug)
  ☆46Updated 2 years ago
• BeneficialCode / KReClassEx
  Kernel ReClassEx
  ☆65Updated 2 years ago
• Oliver-1-1 / EtwKeyboardDetection
  ☆32Updated last year
• xu-Wan / HypercallPageHook
  POC Hook of nt!HvcallCodeVa
  ☆53Updated 2 years ago
• Mrikan8 / kernel-hook
  Just tried, unusable
  ☆46Updated last year
• 0mWindyBug / KernelInjector
  PoC kernel to usermode injection
  ☆89Updated last year
• armvirus / VanguardTrace
  Decrypting and intercepting encrypted imports of Vanguards Kernel Driver
  ☆36Updated last year
• emlinhax / tableflipper
  partially disable patchguard up to win11 21H2
  ☆18Updated last year
• DErDYAST1R / SilentFunctionCaller
  Allows for same-file KernelMode function execution using Encrypted addresses of Functions
  ☆48Updated 2 months ago
• Oliver-1-1 / DumpDriver
  ☆47Updated last year
• Valthrun / valthrun-uefi-mapper
  Windows driver mapper via the UEFI
  ☆49Updated 4 months ago
• SamuelTulach / MemoryGuard
  Experiment with PAGE_GUARD protection to hide memory from other processes
  ☆51Updated last year
• kkent030315 / anyvtop
  x64 Windows implementation of virtual-address to physical-address translation
  ☆45Updated 4 years ago
• iqrw0 / DieDMAProtection
  ☆29Updated last year
• papstuc / portable_executable
  modern c++ wrapper around the microsoft portable executable file format
  ☆29Updated last week
• cMiraka / RWCommunication
  ☆43Updated 2 years ago
• weak1337 / CEDetector
  ☆47Updated 3 years ago
• veryboreddd / Return-address-spoofer
  Illustrates the concept of return address spoofing, and how it is used.
  ☆14Updated 5 years ago
• 0mWindyBug / DataptrHooks
  ntoskrnl .data hooks for UM-KM communication
  ☆51Updated last year
• jonomango / chum
  Binary rewriter for 64-bit PE files.
  ☆88Updated last year
• samware-free / cr3driver
  cr3 shuffle driver
  ☆65Updated last year
• nelfo / PGHooker
  PAGE_GUARD based hooking library
  ☆52Updated 3 years ago
• Nou4r / PresentInjector
  A simple present scene, kernel allocation injector.
  ☆26Updated 3 years ago
• JustasMasiulis / rep_mov_ept_detecc
  ☆84Updated last month
• brew02 / BudgetEPT
  Create stealthy, inline, EPT-like hooks using SMAP and SMEP
  ☆59Updated last year
• binsnake / icedpp
  A C++ wrapper for icedx86 decoder
  ☆34Updated 4 months ago
• SamuelTulach / unxorer
  Yet another IDA Pro/Home plugin for deobfuscating stack strings
  ☆105Updated last month
• cutecatsandvirtualmachines / DDMA
  Disk based DMA for ATA and SCSI
  ☆35Updated 2 years ago
• Sentient111 / ClearDriverTraces
  clearing traces of a loaded driver
  ☆47Updated 3 years ago
• rogxo / DisableDSE
  A method to Disable DSE using .data ptr hooks
  ☆36Updated last year