Alternatives and similar repositories for Simple-Antirootkit-SST-Unhooker:

Users that are interested in Simple-Antirootkit-SST-Unhooker are comparing it to the libraries listed below

• apriorit / antirootkit-anti-splicer
  The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers
  ☆34Updated 7 years ago
• devrimm / block-process-execute
  Block process execute kernel driver for Windows x64
  ☆19Updated 8 years ago
• OSRDrivers / deleteex
  Demonstrate the new FileDispositionInfoEx behavior
  ☆15Updated 7 years ago
• pfussell / pivotal
  A MITM proxy server for reflective DLL injection through WinINet
  ☆15Updated 6 years ago
• 0xdabbad00 / OpenHIPS
  OpenHIPS prevents exploitation of Windows systems
  ☆33Updated 12 years ago
• wekillpeople / metasploit-loader
  metasploit loader with antivirus bypass module
  ☆17Updated 8 years ago
• AzureGreen / WinNT-Learning
  Notes my learning steps about Windows-NT
  ☆23Updated 7 years ago
• mgeeky / prc_xchk
  User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.
  ☆19Updated 8 years ago
• sin5678 / wow64hook
  wow64 syscall filter
  ☆13Updated 10 years ago
• Darkabode / amte
  Analysis and Modification Tool for Executables
  ☆16Updated 5 years ago
• zodiacon / ErrorLookup
  Simple error lookup for Win32 and NTSTATUS errors
  ☆17Updated 6 years ago
• after1990s / InjectSolution
  ☆11Updated 9 years ago
• strobejb / injdll
  DLL Injection commandline utility
  ☆26Updated 11 years ago
• cysinfo / Malpimp
  Malpimp is an advanced API tracing tool and designed to automate the reverse engineering process. In the backend it uses pydbg to hook t…
  ☆8Updated 8 years ago
• rsa9000 / regfanalysistools
  Low-level MS Windows registry files analysis tools
  ☆19Updated 8 years ago
• killswitch-GUI / IsDebuggerPresent
  Debugger checks in 3 ways
  ☆18Updated 7 years ago
• zodiacon / AccessMask
  ☆18Updated 5 years ago
• weixu8 / RegistryMonitor
  Formely KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun l…
  ☆21Updated 10 years ago
• hzqst / hidden
  Windows driver with usermode interface which can hide objects of file-system and registry, protect processes and etc
  ☆16Updated 6 years ago
• DownWithUp / WhoCalls_C
  WhoCalls can query a directory of files, find the binaries, and search for a user specified Win API import. It and works with both 32-bit…
  ☆17Updated 2 years ago
• ximerus / Kryptonite
  A Win32 PE/Executable Crypter that employs on the fly encryption & decryption of memory
  ☆33Updated 10 years ago
• Prevenity / malware_monitor
  Malware monitor template based on MinHook
  ☆16Updated 9 years ago
• edix / MalwareResourceScanner
  Scanning and identifying XOR encrypted PE files in PE resources
  ☆27Updated 10 years ago
• wekillpeople / ntshutdown-shellcode
  Windows hard shutdown shellcode. Don't need administrator rights.
  ☆12Updated 8 years ago
• tandasat / CheckSDL
  A tool evaluates security configurations of a given PE based on SDL without source code
  ☆13Updated 10 years ago
• Cr4sh / IDA-UbiGraph
  IDA Pro plug-in and tools for displaying 3D graphs of procedures using UbiGraph
  ☆25Updated 11 years ago
• tinysec / runwithdll
  windows create process with a dll load first time via LdrHook
  ☆30Updated 8 years ago
• hatRiot / DelayLoadInject
  Code injection via delay load libraries
  ☆34Updated 7 years ago
• ambray / Ntfs
  Various libraries focused on examining/parsing NTFS-specific structures
  ☆16Updated 9 years ago
• stolenbytes / apcforthewin
  ☆16Updated 7 years ago