Alternatives and similar repositories for GHRL

Users that are interested in GHRL are comparing it to the libraries listed below

• ZeroMemoryEx / URootkit
  simple user-mode Rootkit
  ☆105Updated 2 years ago
• kkent030315 / Van1338
  A journal for $6,000 Riot Vanguard bounty.
  ☆63Updated last year
• Hemogl0bin / drvscanner
  Scan for potentially vulnerable drivers
  ☆87Updated 3 years ago
• BomboBombone / Rattuso
  A very weird RAT
  ☆19Updated 2 years ago
• 0x44F / WinKit
  💻 Windows 10 Kernel-mode rootkit
  ☆31Updated 2 years ago
• li4321 / GhostInjector
  ☆45Updated 4 months ago
• idkhidden / WinApiPatcher
  WinApi Patcher is a straightforward tool leveraging windows API hooking to patch and modify certain behaviors in a targeted environment.
  ☆42Updated 8 months ago
• byte2mov / codecave-hook
  codecave hook reverse engineering toolkit.
  ☆36Updated last year
• Sherman0236 / XorData
  A C++17 framework designed to enable obfuscation of constants, variables, and strings.
  ☆25Updated last year
• etwhook / TartarusInjector
  Native Shellcode Injector Via Handle Hijacking & Pool Party.
  ☆12Updated last year
• call-042PE / UCantSeeM3
  Hiding your process in ProcessHacker,Task Manager,etc by patching NtQuerySystemInformation
  ☆87Updated 4 years ago
• C5Hackr / Segment-Encryption
  ☆25Updated 7 months ago
• nqntmqmqmb / pePolymorpher
  A tool implementing process hollowing making your PE polymorphic
  ☆15Updated 4 years ago
• dr4k0nia / XorStringsNET
  Easy XOR string encryption for NET based binaries
  ☆138Updated last year
• ZeroMemoryEx / Hooks_Hunter
  Simple API Hooks detector
  ☆73Updated 2 years ago
• Internet-2-0 / Malcore-x64dbg
  This x64dbg plugin allows you to upload your sample to Malcore and view the results.
  ☆37Updated last year
• vidner / morph
  Polymorphic ELF Runtime Crypter written in rust.
  ☆21Updated 4 years ago
• XaFF-XaFF / Shellcodev
  Shellcodev is a tool designed to help and automate the process of shellcode creation.
  ☆110Updated last year
• NUL0x4C / GP
  using the gpu to hide your payload
  ☆58Updated 2 years ago
• amitschendel / venom-rootkit
  A simple Windows kernel rootkit.
  ☆92Updated 3 weeks ago
• samshine / ScyllaHideDetector2
  Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes.
  ☆26Updated 5 years ago
• ZeroMemoryEx / TrampHook
  Simple x86 Trampoline Hook
  ☆40Updated 2 years ago
• TheCtkHoster / Undetected-DLL-Injection-Method
  Undetected DLL Injection Method
  ☆36Updated 2 years ago
• mrexodia / lolbin-poc
  Small PoC of using a Microsoft signed executable as a lolbin.
  ☆137Updated 2 years ago
• dr4k0nia / MurkyStrings
  A string obfuscator for .NET apps, built to evade static string analysis.
  ☆104Updated 2 years ago
• knight0x07 / BumbleCrypt
  A Bumblebee-inspired Crypter
  ☆80Updated 2 years ago
• iilegacyyii / ExportDumper
  A small tool I made to dump the export table of PE files. The primary use case was intended for use within DLL proxying.
  ☆70Updated 2 years ago
• buzzer-re / BulletTrain
  A manual PE mapping implementation, aka reflective loader
  ☆19Updated 2 years ago
• trickster0 / CReadMemory
  Read Memory without ReadProcessMemory for Current Process
  ☆76Updated 3 years ago
• kkent030315 / detect-anyrun
  ANY.RUN sandbox detection collection
  ☆19Updated 9 months ago