Alternatives and similar repositories for c2shell

Users that are interested in c2shell are comparing it to the libraries listed below

• 0mWindyBug / KernelInjector
  PoC kernel to usermode injection
  ☆83Updated last year
• 1hAck-0 / zeroimport
  ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…
  ☆47Updated 2 years ago
• Flawww / ObfuscatedJumpGenerator
  Dynamically generated obfuscated jumps and/or function calls
  ☆35Updated 2 years ago
• Nou4r / PresentInjector
  A simple present scene, kernel allocation injector.
  ☆24Updated 2 years ago
• nelfo / PGHooker
  PAGE_GUARD based hooking library
  ☆46Updated 2 years ago
• andrew9382 / manual_mapping_dll_injector
  manual mapping injector
  ☆27Updated 3 years ago
• boom-cr3 / NotifyRoutineHijackThread
  Hijack NotifyRoutine for a kernelmode thread
  ☆42Updated 3 years ago
• kkent030315 / detect-anyrun
  ANY.RUN sandbox detection collection
  ☆19Updated 9 months ago
• NotRequiem / antidbg
  C/C++ antidebugging library for Windows
  ☆21Updated 4 months ago
• blueflagss / inline-syscall
  A simple direct syscall wrapper written in C++ with compatibility for x86 and x64 programs.
  ☆50Updated 3 months ago
• rogxo / DisableDSE
  A method to Disable DSE using .data ptr hooks
  ☆31Updated last year
• Oliver-1-1 / DumpDriver
  ☆44Updated 11 months ago
• bytesundso / SneakCalls
  direct systemcalls with a modern c++20 interface.
  ☆43Updated 2 years ago
• xu-Wan / HypercallPageHook
  POC Hook of nt!HvcallCodeVa
  ☆52Updated 2 years ago
• Xacone / Eneio64-Driver-Exploit
  Exploit for eneio64.sys - Turning Physical Memory R/W into Virtual Memory R/W
  ☆34Updated last month
• buzzer-re / BulletTrain
  A manual PE mapping implementation, aka reflective loader
  ☆19Updated 2 years ago
• DErDYAST1R / SilentFunctionCaller
  Allows for same-file KernelMode function execution using Encrypted addresses of Functions
  ☆36Updated 7 months ago
• Sentient111 / ClearDriverTraces
  clearing traces of a loaded driver
  ☆47Updated 2 years ago
• Sherman0236 / XorData
  A C++17 framework designed to enable obfuscation of constants, variables, and strings.
  ☆25Updated last year
• Ahora57 / Unabomber
  Improved VMP Idea(detect anti-anti-debug tools by bug)
  ☆44Updated 2 years ago
• 0mWindyBug / DataptrHooks
  ntoskrnl .data hooks for UM-KM communication
  ☆40Updated last year
• justvmexit / dumpr
  Dumping processes using a kernel-mode driver.
  ☆19Updated 3 years ago
• Oliver-1-1 / EtwKeyboardDetection
  ☆30Updated 8 months ago
• SamuelTulach / MemoryGuard
  Experiment with PAGE_GUARD protection to hide memory from other processes
  ☆44Updated 11 months ago
• ManulMap / malstring
  Using c++23 compile-time magic to produce obfuscated PIC strings and arrays.
  ☆21Updated last year
• ZEROWyt / Kernel-driver-eac-be-
  Made by scammer so i leak for free ! have fun
  ☆55Updated 2 years ago
• samware-free / cr3driver
  cr3 shuffle driver
  ☆42Updated last year
• DErDYAST1R / NMICallbackBlocker2
  This is a POC Test project for INTEL CPUs on blocking NMI Entries through the IDT Handler.
  ☆53Updated 7 months ago
• emlinhax / xv
  single-header pointer/value encryption
  ☆18Updated last year
• SkarSys / windows-kernel-trojan
  A windows kernel mode driver that spoofs serial numbers when mapped and executes a malicious payload (FULLY from kernel!!!)
  ☆31Updated 7 months ago