Alternatives and similar repositories for NjCloak

Users that are interested in NjCloak are comparing it to the libraries listed below

• notcpuid / pe-packer
  X86 Packer with Portable Executable compatibility.
  ☆59Updated last month
• 0mWindyBug / KernelInjector
  PoC kernel to usermode injection
  ☆86Updated last year
• ac3ss0r / c2shell
  A C/C++ framework designed to simplify shellcode creation on any compilers and platforms using C. Supports Windows & Linux, and practical…
  ☆18Updated last year
• void-stack / Hypervisor-Detection
  Detects virtual machines and malware analysis environments
  ☆138Updated 2 years ago
• SamuelTulach / MemoryGuard
  Experiment with PAGE_GUARD protection to hide memory from other processes
  ☆51Updated last year
• 4l3x777 / dse_pg_bypass
  DSE & PG bypass via BYOVD attack
  ☆64Updated 3 months ago
• NotRequiem / antidbg
  C/C++ antidebugging library for Windows
  ☆38Updated last month
• idkhidden / winapipatcher
  WinApi Patcher is a straightforward tool leveraging windows API hooking to patch and modify certain behaviors in a targeted environment.
  ☆43Updated last year
• sapdragon / syscalls-cpp
  A modern C++20 header-only library for advanced direct system call invocation.
  ☆147Updated last month
• android1337 / crycall
  Compile-Time Calls Obfuscator for C++14+
  ☆48Updated last year
• ManulMap / malstring
  Using c++23 compile-time magic to produce obfuscated PIC strings and arrays.
  ☆30Updated last year
• Flerov / TS-Changer
  TS-Changer - Forces the machine in/out of TestSigning Mode at runtime.
  ☆63Updated 2 years ago
• rootkitenthusiast / pdfwkrnl-exploit
  abusing signed pdfwkrnl.sys for kernel function calling from usermode.
  ☆20Updated last month
• 0mWindyBug / DataptrHooks
  ntoskrnl .data hooks for UM-KM communication
  ☆51Updated last year
• dmaivel / covirt
  An x86-64 code virtualizer for VM based obfuscation
  ☆137Updated 9 months ago
• Legcsnaec / driverMapper
  An Unsigned Driver Mapper for Windows 10 22H2 -> Windows 11 23H2 that uses PdFwKrnl to exploit the Read/Write IOCTL Calls to disable DSE …
  ☆13Updated last year
• li4321 / GhostInjector
  ☆48Updated 8 months ago
• ZwCreateFile / FuckDse
  Bring Your Own Vulnerable Driver for PatchGuard & Driver Signature Enforcement
  ☆13Updated last year
• DErDYAST1R / NmiCallbackBlocker
  Kernel Level NMI Callback Blocker
  ☆123Updated 2 weeks ago
• DErDYAST1R / EfiGuardUsermodeLoader
  This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumpi…
  ☆59Updated 2 weeks ago
• Soju06 / kernelLoader
  Windows 10/11 unsigned kernel driver load/debugging
  ☆14Updated 2 years ago
• byte2mov / codecave-hook
  codecave hook reverse engineering toolkit.
  ☆37Updated last year
• zer0condition / Demystifying-PatchGuard
  Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…
  ☆129Updated 2 years ago
• ItzPAX / VulnDriverFinder
  browse microsoft driver server for potentially vulnerable drivers
  ☆23Updated last year
• nelfo / PGHooker
  PAGE_GUARD based hooking library
  ☆52Updated 3 years ago
• xsh3llsh0ck / Deadwing
  SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.
  ☆93Updated 11 months ago
• nbs32k / inline-syscall
  Inline syscalls made for MSVC supporting x64 and WOW64
  ☆186Updated 2 years ago
• xsh3llsh0ck / PicoHook
  Small driver that uses alternative syscalls feature (the project is still under development).
  ☆18Updated last year
• shaygitub / windows-rootkit
  windows rootkit
  ☆61Updated last year
• xsh3llsh0ck / MilkBox
  Tool to dump EFI runtime drivers.
  ☆37Updated last year