Alternatives and similar repositories for UCantSeeM3:

Users that are interested in UCantSeeM3 are comparing it to the libraries listed below

• exploitblizzard / UAC-Bypass
  Bypassing windows uac, however its an old approach/method but its still unpatched ¯\_(ツ)_/¯
  ☆42Updated 3 years ago
• knight0x07 / BumbleCrypt
  A Bumblebee-inspired Crypter
  ☆80Updated 2 years ago
• Intrus1ve / Runpe-ProcessHollowing
  Fud Runpe Av Evasion / All Av Bypass
  ☆32Updated 2 years ago
• XaFF-XaFF / ZwProcessHollowing
  ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
  ☆83Updated last year
• ZeroMemoryEx / URootkit
  user-mode Rootkit
  ☆104Updated 2 years ago
• XaFF-XaFF / Shellcodev
  Shellcodev is a tool designed to help and automate the process of shellcode creation.
  ☆106Updated last year
• janoglezcampos / c_syscalls
  Single stub direct and indirect syscalling with runtime SSN resolving for windows.
  ☆133Updated 2 years ago
• iilegacyyii / ExportDumper
  A small tool I made to dump the export table of PE files. The primary use case was intended for use within DLL proxying.
  ☆69Updated 2 years ago
• mrexodia / lolbin-poc
  Small PoC of using a Microsoft signed executable as a lolbin.
  ☆135Updated 2 years ago
• AzAgarampur / PsForge
  Process Hollowing demonstration & explanation
  ☆35Updated 4 years ago
• DanielAvinoam / TheSubZeroProject
  A multi-staged malware that contains a kernel mode rootkit and a remote system shell.
  ☆72Updated 3 years ago
• dr4k0nia / MurkyStrings
  A string obfuscator for .NET apps, built to evade static string analysis.
  ☆101Updated 2 years ago
• AzAgarampur / byeintegrity5-uac
  Bypass UAC at any level by abusing the Task Scheduler and environment variables
  ☆31Updated 3 years ago
• aaaddress1 / sakeInject
  Windows PE - TLS (Thread Local Storage) Injector in C/C++
  ☆105Updated 4 years ago
• 0x44F / WinKit
  💻 Windows 10 Kernel-mode rootkit
  ☆31Updated 2 years ago
• AzAgarampur / byeintegrity2-uac
  Bypass UAC by abusing the Internet Explorer Add-on installer
  ☆53Updated 3 years ago
• NUL0x4C / DeleteShadowCopies
  Deleting Shadow Copies In Pure C++
  ☆114Updated 2 years ago
• xenoscr / manual-syscall-detect
  A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks.
  ☆108Updated 3 years ago
• nqntmqmqmb / pePolymorpher
  A tool implementing process hollowing making your PE polymorphic
  ☆14Updated 4 years ago
• Kara-4search / FullDLLUnhooking_CSharp
  Unhook DLL via cleaning the DLL 's .text section
  ☆9Updated 3 years ago
• ZeroMemoryEx / Overlord
  abusing Process Hacker driver to terminate other processes (BYOVD)
  ☆81Updated last year
• rbmm / NtDetours
  Detours implementation (x64/x86) which used only ntdll import
  ☆90Updated 8 months ago
• Hemogl0bin / drvscanner
  Scan for potentially vulnerable drivers
  ☆83Updated 2 years ago
• irql / CVE-2021-31728
  vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.
  ☆91Updated 3 years ago
• trickster0 / LdrLoadDll-Unhooking
  LdrLoadDll Unhooking
  ☆124Updated 3 years ago
• reevesrs24 / EvasiveProcessHollowing
  Evasive Process Hollowing Techniques
  ☆136Updated 4 years ago
• LloydLabs / process-enumeration-stealth
  ☆80Updated 6 months ago
• PL-V / Firefox-Grabber
  Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users
  ☆42Updated 2 years ago
• trickster0 / CReadMemory
  Read Memory without ReadProcessMemory for Current Process
  ☆75Updated 3 years ago
• Wra7h / ARCInject
  Overwrite a process's recovery callback and execute with WER
  ☆102Updated 2 years ago