Alternatives and similar repositories for Simple-Antirootkit-SST-Unhooker

Users that are interested in Simple-Antirootkit-SST-Unhooker are comparing it to the libraries listed below

• apriorit / antirootkit-anti-splicer
  The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers
  ☆34Updated 8 years ago
• mgeeky / prc_xchk
  User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.
  ☆19Updated 9 years ago
• AzureGreen / WinNT-Learning
  Notes my learning steps about Windows-NT
  ☆23Updated 8 years ago
• zodiacon / ErrorLookup
  Simple error lookup for Win32 and NTSTATUS errors
  ☆19Updated 6 years ago
• pfussell / pivotal
  A MITM proxy server for reflective DLL injection through WinINet
  ☆15Updated 7 years ago
• conix-security / MLBT
  MBR manipulation tool
  ☆17Updated 11 years ago
• wekillpeople / metasploit-loader
  metasploit loader with antivirus bypass module
  ☆17Updated 9 years ago
• devrimm / block-process-execute
  Block process execute kernel driver for Windows x64
  ☆19Updated 9 years ago
• ambray / Ntfs
  Various libraries focused on examining/parsing NTFS-specific structures
  ☆16Updated 9 years ago
• sin5678 / wow64hook
  wow64 syscall filter
  ☆13Updated 10 years ago
• 0xdabbad00 / OpenHIPS
  OpenHIPS prevents exploitation of Windows systems
  ☆35Updated 12 years ago
• changeofpace / Remote-Process-Cookie-for-Windows-7
  Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.
  ☆22Updated 8 years ago
• JohnnyLChang / MBRProtector
  ☆14Updated 8 years ago
• AlephNull314 / AbsoluteZero
  Anti-AV compilation
  ☆43Updated 11 years ago
• edix / MalwareResourceScanner
  Scanning and identifying XOR encrypted PE files in PE resources
  ☆28Updated 11 years ago
• OSRDrivers / deleteex
  Demonstrate the new FileDispositionInfoEx behavior
  ☆14Updated 7 years ago
• after1990s / InjectSolution
  ☆12Updated 10 years ago
• zodiacon / ObjDir
  Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory.
  ☆20Updated last year
• therealdreg / auxlib
  Full reversing of the Microsoft Auxiliary Windows API Library and ported to C
  ☆24Updated 6 months ago
• fengkuangfj / SecretDisk2
  ☆9Updated 8 years ago
• Darkabode / amte
  Analysis and Modification Tool for Executables
  ☆17Updated 6 years ago
• tandasat / CVE-2014-0816
  CVE-2014-0816
  ☆25Updated 8 years ago
• panoramixor / GDIObjDump
  ☆28Updated 9 years ago
• zodiacon / AccessMask
  ☆20Updated 5 years ago
• n3k / misc_exploits_pocs
  Miscellaneous old Exploit code and PoCs
  ☆16Updated 8 months ago
• weixu8 / RegistryMonitor
  Formely KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun l…
  ☆21Updated 11 years ago
• revsic / PacketInjector
  Detect HTTP packet and inject redirect packet
  ☆14Updated 7 years ago
• cysinfo / Malpimp
  Malpimp is an advanced API tracing tool and designed to automate the reverse engineering process. In the backend it uses pydbg to hook t…
  ☆8Updated 8 years ago
• EvilKnight1986 / Simrep
  windows kernel File redirection
  ☆20Updated 10 years ago
• codingtest / r0ak
  r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
  ☆27Updated 6 years ago