Alternatives and similar repositories for windows-exploitation:

Users that are interested in windows-exploitation are comparing it to the libraries listed below

• NullArray / WinKernel-Resources
  A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level …
  ☆141Updated 2 years ago
• am0nsec / vx
  Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposed.
  ☆180Updated 3 years ago
• therealdreg / masm32-kernel-programming
  masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)
  ☆119Updated last year
• VoidSec / Exploit-Development
  Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
  ☆220Updated last year
• ByteHackr / WindowsExploitation
  A curated list of awesome Windows Exploitation resources, and shiny things.
  ☆73Updated 7 years ago
• connormcgarr / Kernel-Exploits
  Kernel Exploits
  ☆250Updated 3 years ago
• Fyyre / DrvMon
  Advanced driver monitoring utility.
  ☆207Updated 2 years ago
• zodiacon / Recon2023
  Recon 2023 slides and code
  ☆79Updated last year
• hasherezade / mal_unpack_drv
  MalUnpack companion driver
  ☆95Updated 9 months ago
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆129Updated last year
• Faran-17 / Windows-Internals
  Important notes and topics on my journey towards mastering Windows Internals
  ☆368Updated 10 months ago
• NtRaiseHardError / NINA
  NINA: No Injection, No Allocation x64 Process Injection Technique
  ☆195Updated 4 years ago
• ayoubfaouzi / windows-internals
  My notes while studying Windows internals
  ☆418Updated 3 months ago
• am0nsec / wspe
  Windows System Programming Experiments
  ☆219Updated 2 years ago
• yardenshafir / IoRingReadWritePrimitive
  Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2
  ☆225Updated 2 years ago
• rad9800 / WTSRM
  WTSRM
  ☆209Updated 2 years ago
• yardenshafir / PoolViewer
  An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.
  ☆136Updated 2 years ago
• waleedassar / RestrictedKernelLeaks
  ☆158Updated 3 years ago
• jonaslyk / exploitkitpub
  ☆95Updated 3 years ago
• floesen / KExecDD
  Admin to Kernel code execution using the KSecDD driver
  ☆244Updated 11 months ago
• enkomio / thematrix
  a PE Loader and Windows API tracer. Useful in malware analysis.
  ☆138Updated 2 years ago
• dalvarezperez / CreateFile_based_rootkit
  ☆133Updated 2 weeks ago
• huntandhackett / concealed_code_execution
  Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows
  ☆205Updated 2 years ago
• tbhaxor / WinAPI-RedBlue
  Source code of exploiting windows API for red teaming series
  ☆148Updated 2 years ago
• hasherezade / masm_shc
  A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.
  ☆172Updated 3 months ago
• br-sn / CheekyBlinder
  Enumerating and removing kernel callbacks using signed vulnerable drivers
  ☆556Updated 2 years ago
• hasherezade / process_overwriting
  Yet another variant of Process Hollowing
  ☆384Updated 2 months ago
• Cr4sh / KernelForge
  A library to develop kernel level Windows payloads for post HVCI era
  ☆395Updated 3 years ago
• hasherezade / module_overloading
  A more stealthy variant of "DLL hollowing"
  ☆342Updated last year
• manyfacedllama / amsi-tracer
  Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …
  ☆108Updated 3 years ago