Alternatives and similar repositories for NjCloak

Users that are interested in NjCloak are comparing it to the libraries listed below

• 0mWindyBug / KernelInjector
  PoC kernel to usermode injection
  ☆87Updated last year
• void-stack / Hypervisor-Detection
  Detects virtual machines and malware analysis environments
  ☆137Updated 2 years ago
• rootkitenthusiast / pdfwkrnl-exploit
  abusing signed pdfwkrnl.sys for kernel function calling from usermode.
  ☆20Updated last week
• 4l3x777 / dse_pg_bypass
  DSE & PG bypass via BYOVD attack
  ☆62Updated 2 months ago
• notcpuid / pe-packer
  X86 Packer with Portable Executable compatibility.
  ☆57Updated 3 weeks ago
• android1337 / crycall
  Compile-Time Calls Obfuscator for C++14+
  ☆50Updated last year
• sapdragon / syscalls-cpp
  A modern C++20 header-only library for advanced direct system call invocation.
  ☆139Updated last week
• ac3ss0r / c2shell
  A C/C++ framework designed to simplify shellcode creation on any compilers and platforms using C. Supports Windows & Linux, and practical…
  ☆16Updated last year
• Soju06 / kernelLoader
  Windows 10/11 unsigned kernel driver load/debugging
  ☆14Updated 2 years ago
• SamuelTulach / MemoryGuard
  Experiment with PAGE_GUARD protection to hide memory from other processes
  ☆49Updated last year
• Legcsnaec / driverMapper
  An Unsigned Driver Mapper for Windows 10 22H2 -> Windows 11 23H2 that uses PdFwKrnl to exploit the Read/Write IOCTL Calls to disable DSE …
  ☆13Updated last year
• nbs32k / inline-syscall
  Inline syscalls made for MSVC supporting x64 and WOW64
  ☆184Updated 2 years ago
• Flawww / ObfuscatedJumpGenerator
  Dynamically generated obfuscated jumps and/or function calls
  ☆36Updated 2 years ago
• Flerov / TS-Changer
  TS-Changer - Forces the machine in/out of TestSigning Mode at runtime.
  ☆64Updated 2 years ago
• ManulMap / malstring
  Using c++23 compile-time magic to produce obfuscated PIC strings and arrays.
  ☆29Updated last year
• helloobaby / spoofcall
  spoof return address
  ☆77Updated 2 years ago
• buzzer-re / BulletTrain
  A manual PE mapping implementation, aka reflective loader
  ☆19Updated 3 years ago
• Oxygen1a1 / callstack_spoof
  ☆124Updated last year
• SwenenzY / section-obfuscation
  PE Header (.rdata,.data,.text) obsfucation
  ☆38Updated 3 years ago
• dmaivel / covirt
  An x86-64 code virtualizer for VM based obfuscation
  ☆135Updated 9 months ago
• zer0condition / Demystifying-PatchGuard
  Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…
  ☆129Updated 2 years ago
• ZwCreateFile / FuckDse
  Bring Your Own Vulnerable Driver for PatchGuard & Driver Signature Enforcement
  ☆13Updated last year
• 0mWindyBug / DataptrHooks
  ntoskrnl .data hooks for UM-KM communication
  ☆51Updated last year
• 0mWindyBug / GhostMapperUM
  manual map unsigned driver over signed memory
  ☆201Updated last year
• NotRequiem / antidbg
  C/C++ antidebugging library for Windows
  ☆37Updated 3 weeks ago
• estimated1337 / hidden_syscall
  hidden_syscall - syscaller without using syscall instruction in code
  ☆62Updated 2 years ago
• ItzPAX / wnbios_poc
  using wnbios64.sys for arbitrary r/w
  ☆15Updated last year
• li4321 / GhostInjector
  ☆46Updated 7 months ago
• m417z / LdrDllNotificationHook
  Hook all callbacks which are registered with LdrRegisterDllNotification
  ☆89Updated 5 months ago
• ItzPAX / VulnDriverFinder
  browse microsoft driver server for potentially vulnerable drivers
  ☆23Updated last year