Alternatives and similar repositories for Windows-Kernel-Exploit

Users that are interested in Windows-Kernel-Exploit are comparing it to the libraries listed below

• TimelifeCzy / HIPS-HIDS_CveMod
  Windows CVE主防(HIPS/HIDS)
  ☆56Updated 4 years ago
• xpn / RpcEnum
  An command-line RPC method enumerator, born out of RPCView's awesomeness
  ☆108Updated 6 years ago
• namjkee / ssdt.Recover.21yu3
  绕过卡巴斯基主动防御,加载驱动，unhook所有ssdt hook及shadow ssdt hook
  ☆38Updated 10 years ago
• 0xhido / BlueLight
  Open-source EDR kernel-component for system monitoring and DLL injection
  ☆32Updated 5 years ago
• wonderkun / kernalApc
  inject dll from kernal mode to user mode process use Apc
  ☆33Updated 5 years ago
• DownWithUp / DynamicKernelShellcode
  An example of how x64 kernel shellcode can dynamically find and use APIs
  ☆104Updated 5 years ago
• UserExistsError / DllLoaderShellcode
  Shellcode to load an appended Dll
  ☆91Updated 5 years ago
• h0li3 / mpengine_diskus
  参考taviso的代码逆向一下mpengine.dll
  ☆20Updated 3 years ago
• killeven / ObjToShellCode
  Rapid generation ShellCode
  ☆61Updated 8 years ago
• 0xcpu / winsmsd
  Windows (ShadowMove) Socket Duplication
  ☆87Updated 5 years ago
• 3gstudent / CreateRemoteThread
  From 32-bit process to 64-bit process
  ☆69Updated 4 years ago
• 0xfei / wincode
  过去写的一些Windows安全研究相关代码
  ☆135Updated 6 years ago
• huoji120 / Heuristic_antivirus_engine_by_huoji
  基于UC的启发式杀毒引擎[还没做完]
  ☆35Updated 4 years ago
• y11en / PEBFake
  PEBFake(修改PEB 伪装当前进程路径、参数等)
  ☆53Updated 4 years ago
• sisoma2 / ShellcodeLoader
  Small tool to load shellcodes or PEs to analyze them
  ☆83Updated 7 years ago
• d35ha / PE2Shellcode
  Convert PE files to a shellcode
  ☆80Updated 5 years ago
• csandker / RPCDump
  ☆85Updated 3 years ago
• EgeBalci / Hook_API
  Assembly block for hooking windows API functions.
  ☆92Updated 6 years ago
• zhuhuibeishadiao / exploit-RemoteDesktopServerDriver
  exploit termdd.sys(support kb4499175)
  ☆61Updated 6 years ago
• 3gstudent / Shellcode-Generater
  No inline asm,support x86/x64
  ☆67Updated 4 years ago
• splunk / PPLinject
  Inject unsigned DLL into Protected Process Light (PPL)
  ☆30Updated 7 months ago
• zodiacon / ALPCLogger
  Log ALPC activity
  ☆84Updated 2 years ago
• idiotc4t / ReflectiveBase64DLL
  This is a project to receive Base64 data and decode it in process
  ☆15Updated 5 years ago
• iammaguire / Salient-Rootkit
  A kernel mode Windows rootkit in development.
  ☆49Updated 3 years ago
• yardenshafir / MitigationFlagsCliTool
  Command like tool to print mitigation flags for running processes in a memory dump
  ☆47Updated 5 years ago
• KaLendsi / CVE-2020-1054
  ☆20Updated 5 years ago
• 3gstudent / HiddenNtRegistry
  Use NT Native Registry API to create a registry that normal user can not query.
  ☆94Updated 8 years ago
• waleedassar / SyscallNumberFinder
  ☆33Updated 4 years ago
• asgarciap / etw-dns
  A simple example application to collect DNS queries logs using etw-api
  ☆25Updated 5 years ago
• Barakat / CVE-2019-16098
  Local privilege escalation PoC exploit for CVE-2019-16098
  ☆198Updated 6 years ago