Alternatives and similar repositories for windows-exploitation:

Users that are interested in windows-exploitation are comparing it to the libraries listed below

• NullArray / WinKernel-Resources
  A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level …
  ☆135Updated 2 years ago
• therealdreg / masm32-kernel-programming
  masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)
  ☆118Updated last year
• VoidSec / Exploit-Development
  Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
  ☆220Updated last year
• zodiacon / Recon2023
  Recon 2023 slides and code
  ☆79Updated last year
• am0nsec / vx
  Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposed.
  ☆180Updated 3 years ago
• ByteHackr / WindowsExploitation
  A curated list of awesome Windows Exploitation resources, and shiny things.
  ☆73Updated 7 years ago
• Faran-17 / Windows-Internals
  Important notes and topics on my journey towards mastering Windows Internals
  ☆362Updated 9 months ago
• connormcgarr / Kernel-Exploits
  Kernel Exploits
  ☆247Updated 3 years ago
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆129Updated last year
• hasherezade / process_overwriting
  Yet another variant of Process Hollowing
  ☆376Updated 3 weeks ago
• vxcute / WindowsInternals
  Yet another windows internals repo
  ☆204Updated 3 years ago
• waleedassar / RestrictedKernelLeaks
  ☆157Updated 3 years ago
• yardenshafir / IoRingReadWritePrimitive
  Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2
  ☆224Updated 2 years ago
• hasherezade / masm_shc
  A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.
  ☆160Updated 2 months ago
• Fyyre / DrvMon
  Advanced driver monitoring utility.
  ☆203Updated 2 years ago
• Bw3ll / sharem
  SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…
  ☆369Updated 3 months ago
• kkent030315 / PageTableInjection
  Code Injection, Inject malicious payload via pagetables pml4.
  ☆228Updated 3 years ago
• janoglezcampos / llvm-yx-callobfuscator
  LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
  ☆266Updated last year
• dalvarezperez / CreateFile_based_rootkit
  ☆131Updated last year
• jonaslyk / exploitkitpub
  ☆94Updated 3 years ago
• raminfp / basic-windows-kernel-programming
  Windows Kernel Programming
  ☆124Updated 4 years ago
• uf0o / rootkit-arsenal-guacamole
  An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples
  ☆68Updated 2 years ago
• rad9800 / WTSRM
  WTSRM
  ☆207Updated 2 years ago
• daem0nc0re / AtomicSyscall
  Tools and PoCs for Windows syscall investigation.
  ☆357Updated last month
• hasherezade / mal_unpack_drv
  MalUnpack companion driver
  ☆93Updated 8 months ago
• xct / windows-kernel-exploits
  Some of my windows kernel exploits for learning purposes
  ☆122Updated 2 years ago
• floesen / KExecDD
  Admin to Kernel code execution using the KSecDD driver
  ☆243Updated 10 months ago
• am0nsec / wspe
  Windows System Programming Experiments
  ☆218Updated 2 years ago
• ayoubfaouzi / windows-internals
  My notes while studying Windows internals
  ☆408Updated 2 months ago
• klezVirus / SilentMoonwalk
  PoC Implementation of a fully dynamic call stack spoofer
  ☆742Updated 7 months ago