Alternatives and similar repositories for UACBuddy

Users that are interested in UACBuddy are comparing it to the libraries listed below

• EvilBytecode / Evilbytecode-Gate
  Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…
  ☆22Updated 2 months ago
• EvilBytecode / Evilbytecode-Anti-VM
  Measures average CPU cycles for the CPUID instruction to detect if the code is running in a VM by comparing against a threshold.
  ☆21Updated 2 months ago
• Fadi002 / MalwareInvestigation
  reverse engineering random malwares
  ☆23Updated 5 months ago
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 3 years ago
• hackforyourentertainment / Misery
  Misery Loader to bypass modern EDR solutions
  ☆11Updated 6 months ago
• mobdk / HideCode
  Hide code from dnSpy and other C# spying tools
  ☆42Updated 4 years ago
• ig-labs / defender-mpengine-fuzzing
  Fuzzing Harness and Unpatched Crash Results from Fuzzing Defender MpEngine
  ☆27Updated last month
• paranoidninja / DotNetTracer
  C code to enable ETW tracing for Dotnet Assemblies
  ☆31Updated 2 years ago
• OtterHacker / CoffLoader
  ☆54Updated 2 years ago
• rbmm / RtlClone
  ☆40Updated 4 months ago
• pwn1sher / RTImplant
  Just another casual shellcode native loader
  ☆24Updated 3 years ago
• arsium / BypassGetModuleBaseAddressAndGetExportAddress
  A proof of concept of real custom GetProcAddress and GetModuleBaseAddress
  ☆21Updated 3 years ago
• LethalSnake1337 / PE-Loader-exercise
  A simple PE loader.
  ☆26Updated 2 years ago
• RATandC2 / ExecRemoteAssembly
  Execute Remote Assembly with args passing and with AMSI and ETW patching
  ☆11Updated 2 years ago
• bot984397 / eepy
  ☆31Updated 3 months ago
• rbmm / PPL
  run process as PPL Antimalware
  ☆10Updated last year
• thiagomayllart / DarkMelkor
  Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.
  ☆28Updated 3 years ago
• EvilBytecode / SsnRetrieval
  Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…
  ☆12Updated 2 months ago
• 0xPrimo / Ntdll-Unhooking
  Ntdll Unhooking
  ☆13Updated 2 months ago
• jilvan1234 / WinAPI-Tricks
  ☆10Updated 4 years ago
• Idov31 / NidhoggCSharpApi
  C# API for Nidhogg rootkit
  ☆17Updated last year
• passthehashbrowns / DInvokeProcessHollowing
  ☆30Updated 4 years ago
• klezVirus / DCKFinder
  Dangling COM Keys Finder
  ☆17Updated 3 years ago
• GetRektBoy724 / SharpLoadLibrary
  An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.
  ☆56Updated 3 years ago
• EvilBytecode / Eset-Unload
  Eset-Unload is a C++ tool that interacts with a process's loaded modules to identify and unload the ebehmoni.dll module, typically found …
  ☆10Updated 2 months ago
• aaaddress1 / masqueradeCmdline
  A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.
  ☆40Updated 4 years ago
• sevagas / MagicLib
  Non organized Cpp code files I used for my research on Windows
  ☆25Updated 4 years ago
• D4rthMaulCop / DarthNetLoader
  ☆15Updated last year
• PaulNorman01 / Dynamizer
  Reduce Dynamic Analysis Detection Rates With Built-In Unhooker, Anti Analysis Techniques, And String Obfuscator Modules.
  ☆19Updated 2 years ago
• C5Hackr / c_syscalls
  https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.
  ☆31Updated last year