Alternatives and similar repositories for Bentico

Users that are interested in Bentico are comparing it to the libraries listed below

• TheMalwareGuardian / Awesome-Bootkits-Rootkits-Development
  A curated compilation of extensive resources dedicated to bootkit and rootkit development.
  ☆63Updated 2 months ago
• CyberSecurityUP / Offensive-Windows-Drivers-Development
  ☆133Updated 3 months ago
• ColeHouston / Sunder
  Windows rootkit designed to work with BYOVD exploits
  ☆200Updated 5 months ago
• TheMalwareGuardian / Abismo
  UEFI Windows Bootkit
  ☆41Updated last year
• V-i-x-x / kernel-callback-removal
  kernel callback removal (Bypassing EDR Detections)
  ☆177Updated 3 months ago
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆84Updated 3 weeks ago
• brosck / Reaper
  「💀」Proof of concept on BYOVD attack
  ☆161Updated 6 months ago
• BlackSnufkin / Invoke-DumpMDEConfig
  PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir…
  ☆149Updated last year
• ZeroMemoryEx / CVE-2025-26125
  (0day) Local Privilege Escalation in IObit Malware Fighter
  ☆141Updated 2 months ago
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆189Updated last year
• Maldev-Academy / LsassHijackingViaReg
  Injecting DLL into LSASS at boot
  ☆123Updated last month
• Offensive-Panda / DefenseEvasionTechniques
  This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…
  ☆119Updated last month
• 0xNinjaCyclone / EarlyCascade
  A PoC for Early Cascade process injection technique.
  ☆182Updated 4 months ago
• gatariee / Winton
  Command and Control (C2) framework
  ☆127Updated last month
• voidvxvt / HellBunny
  Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
  ☆110Updated 6 months ago
• ph4nt0mbyt3 / Darkside
  C# AV/EDR Killer using less-known driver (BYOVD)
  ☆177Updated last year
• 0xHossam / KernelCallbackTable-Injection-PoC
  Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…
  ☆226Updated 7 months ago
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆228Updated 6 months ago
• BlackShell256 / Null-AMSI
  Null-AMSI is an AMSI and ETW bypass that takes advantage of .NET types (.NET Reflection) to bypassing AV/EDR.
  ☆69Updated 3 weeks ago
• rad9800 / FileRenameJunctionsEDRDisable
  ☆155Updated 6 months ago
• brosck / L1LKiller
  「⚠️」Performing a BYOVD on the truesight.sys driver
  ☆36Updated 6 months ago
• eversinc33 / 1.6-C2
  Using the Counter Strike 1.6 RCON protocol as a C2 Channel.
  ☆81Updated 4 months ago
• ricardojoserf / NativeBypassCredGuard
  Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
  ☆242Updated 2 months ago
• Maldev-Academy / Christmas
  ☆258Updated last year
• SaadAhla / D1rkInject
  Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…
  ☆180Updated last year
• keowu / BadRentdrv2
  A vulnerable driver exploited by me (BYOVD) that is capable of terminating several EDRs and antivirus software in the market, rendering t…
  ☆97Updated 6 months ago
• ViperXSecurity / lib-nosa
  lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
  ☆112Updated 9 months ago
• OtterHacker / Hooker
  ☆107Updated 7 months ago
• 0xsch1zo / NullGate
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆110Updated last month
• ZERODETECTION / MSC_Dropper
  ☆177Updated 10 months ago