Alternatives and similar repositories for Heavens-Gate:

Users that are interested in Heavens-Gate are comparing it to the libraries listed below

• cs1ime / DICHook
  Hook NtDeviceIoControlFile with PatchGuard
  ☆103Updated 2 years ago
• A-Normal-User / Pretend_HideVirtualMemory
  利用物理内存映射，实现虚拟内存的伪隐藏
  ☆81Updated 2 years ago
• D0pam1ne705 / Direct-NtCreateUserProcess
  Call NtCreateUserProcess directly as normal.
  ☆69Updated 2 years ago
• aaaddress1 / wowGrail
  PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)
  ☆103Updated 3 years ago
• windpiaoxue / sc4cpp
  sc4cpp is a shellcode framework based on C++
  ☆88Updated 3 years ago
• DragonQuestHero / WindowsSyscallsEx
  Quick check of NT kernel exported&unexported functions/global variable offset NT内核导出以及未导出函数+全局变量偏移速查
  ☆93Updated last year
• huoji120 / Etw-Syscall
  https://key08.com/index.php/2021/10/19/1375.html
  ☆65Updated 2 years ago
• GoodstudyChina / APC-injection-x86-x64
  ☆65Updated 6 years ago
• Rhydon1337 / windows-kernel-file-delete
  Force a file delete using a windows kernel driver
  ☆62Updated 2 years ago
• WINGS2709 / 360Safe
  大数字驱动逆向代码
  ☆71Updated last year
• Jhinxs / ntoskrnl
  收集常用windows版本内核文件
  ☆32Updated last year
• estimated1337 / lenovo_exec
  CVE-2022-3699 with arbitrary kernel code execution capability
  ☆69Updated 2 years ago
• jseclab / UGuardMap
  bootkit驱动映射，三环进程注入加载指定模块
  ☆13Updated 3 months ago
• IcEy-999 / Kernel-Special-APC-ReadProcessMemory
  Example of reading process memory through kernel special APC
  ☆101Updated last year
• zzhouhe / VM_Analyze
  ☆82Updated 4 years ago
• A-Normal-User / NtSocket_NtClient_NtServer
  Using NtCreateFile and NtDeviceIoControlFile to realize the function of winsock（利用NtCreateFile和NtDeviceIoControlFile 实现winsock的功能）
  ☆107Updated 2 years ago
• Flawww / ObfuscatedJumpGenerator
  Dynamically generated obfuscated jumps and/or function calls
  ☆34Updated last year
• fIappy / FpVTProject
  intel vt-x hypervisor ept
  ☆25Updated 4 years ago
• DragonQuestHero / WindowsKernelPrivateSymbolsDump
  Win7内核私有符号结构转储
  ☆67Updated 3 years ago
• FaEryICE / MemScanner
  Analyze Windows x64 Kernel Memory Layout
  ☆122Updated 4 years ago
• jdu2600 / CFG-FindHiddenShellcode
  Walks the CFG bitmap to find previously executable but currently hidden shellcode regions
  ☆109Updated last year
• lazypanda1729 / Kernel-Snooping
  ☆27Updated 4 months ago
• Oxygen1a1 / callstack_spoof
  ☆120Updated last year
• y11en / PEBFake
  PEBFake(修改PEB 伪装当前进程路径、参数等)
  ☆50Updated 4 years ago
• m417z / LdrDllNotificationHook
  Hook all callbacks which are registered with LdrRegisterDllNotification
  ☆84Updated last year
• M0rtale / KernelDel
  Free(or force?)file and delete it
  ☆12Updated 5 years ago
• Oxygen1a1 / DrvMon
  a monitoring windows driver calls kernel api tools
  ☆101Updated 6 months ago
• CitrusIce / ksc4cpp
  ksc4cpp is a shellcode framework for windows kernel based on C++
  ☆22Updated last year
• kouzhudong / AntiHook
  Enum and Remove Hook in Windows
  ☆36Updated last month
• fIappy / infhook19041
  ☆123Updated 4 years ago