Alternatives and similar repositories for rostam-e-dastan:

Users that are interested in rostam-e-dastan are comparing it to the libraries listed below

• binophism / processinjection-via-syscall
  ☆16Updated 3 weeks ago
• yardenshafir / IoRingReadWritePrimitive
  Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2
  ☆225Updated 2 years ago
• c0de90e7 / GhostWriting
  GhostWriting Injection Technique.
  ☆166Updated 6 years ago
• daem0nc0re / VectorKernel
  PoCs for Kernelmode rootkit techniques research.
  ☆351Updated last week
• 0xHossam / KernelCallbackTable-Injection-PoC
  Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…
  ☆203Updated 3 months ago
• connormcgarr / Kernel-Exploits
  Kernel Exploits
  ☆247Updated 3 years ago
• zeze-zeze / ioctlance
  A tool that is used to hunt vulnerabilities in x64 WDM drivers
  ☆168Updated last year
• BlackSnufkin / BYOVD
  Some POCs for my BYOVD research and find some vulnerable drivers
  ☆159Updated 4 months ago
• hasherezade / process_overwriting
  Yet another variant of Process Hollowing
  ☆363Updated this week
• jeremybeaume / packer-tutorial
  Files for the packer tutorial
  ☆71Updated 3 years ago
• waleedassar / SimpleNTSyscallFuzzer
  ☆143Updated last year
• ionescu007 / clfs-docs
  Unofficial Common Log File System (CLFS) Documentation
  ☆168Updated 3 years ago
• janoglezcampos / llvm-yx-callobfuscator
  LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
  ☆265Updated last year
• vp777 / Windows-Non-Paged-Pool-Overflow-Exploitation
  Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…
  ☆188Updated 2 years ago
• jdu2600 / CFG-FindHiddenShellcode
  Walks the CFG bitmap to find previously executable but currently hidden shellcode regions
  ☆109Updated last year
• jackullrich / syscall-detect
  PoC capable of detecting manual syscalls from usermode.
  ☆189Updated 2 months ago
• alex-ilgayev / windbg-kernel-debug-cheat-sheet
  Helpful WinDBG command for kernel debugging
  ☆20Updated 4 years ago
• eversinc33 / Banshee
  Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.
  ☆513Updated 9 months ago
• Dec0ne / HWSyscalls
  HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
  ☆646Updated last year
• repnz / apc-research
  APC Internals Research Code
  ☆161Updated 4 years ago
• therealdreg / masm32-kernel-programming
  masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)
  ☆116Updated last year
• Black-Frost / windows-learning
  ☆126Updated 5 months ago
• timetravelthree / IDARustDemangler
  Rust Demangler & Normalizer plugin for IDA
  ☆324Updated last year
• Sentinel-One / peafl64
  Static Binary Instrumentation tool for Windows x64 executables
  ☆194Updated 3 months ago
• 0dayResearchLab / msFuzz
  Targeting Windows Kernel Driver Fuzzer
  ☆152Updated 2 months ago
• xuanxuan0 / TiEtwAgent
  PoC memory injection detection agent based on ETW, for offensive and defensive research purposes
  ☆260Updated 3 years ago
• VoidSec / DriverBuddyReloaded
  Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks
  ☆340Updated 3 months ago
• Bw3ll / ROP_ROCKET
  ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…
  ☆115Updated 4 months ago
• CaledoniaProject / drivers-binaries
  Exploitable drivers, you know what I mean
  ☆130Updated 10 months ago
• VoidSec / Exploit-Development
  Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
  ☆220Updated last year