Alternatives and similar repositories for windows

Users that are interested in windows are comparing it to the libraries listed below

• djolertrk / kovid-obfuscation-passes
  A set of LLVM and GCC based plugins that perform code obfuscation.
  ☆132Updated 3 weeks ago
• connormcgarr / Vtl1Mon
  Virtual Trust Level (VTL 1) secure call tracing
  ☆81Updated 2 months ago
• connormcgarr / SkBridge
  Harness to issue Virtual Secure Mode (VSM) "secure calls" from VTL 0 to VTL 1
  ☆67Updated 2 months ago
• SamuelTulach / SecureGame
  Proof-of-concept game using VBS enclaves to protect itself from cheating
  ☆45Updated last year
• redthing1 / w1tn3ss
  dynamic binary instrumentation, analysis, and patching framework
  ☆95Updated last month
• backengineering / pdbgen2
  Generate a PDB file given the old PDB file and an address mapping
  ☆49Updated 3 months ago
• badhive / stitch
  Rewrite and obfuscate code in compiled binaries
  ☆264Updated 2 weeks ago
• vmsplit / checkm8
  bypassing intel txt's tboot integrity checks via coreboot shim
  ☆83Updated 7 months ago
• dmaivel / ntoseye
  Windows kernel debugger for Linux hosts running Windows under KVM/QEMU
  ☆98Updated 5 months ago
• AmitMoshel1 / PatchGuardEncryptorDriver
  An improved version of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.
  ☆72Updated 7 months ago
• NeoMaster831 / kurasagi
  Windows 11 24H2-25H2 Runtime PatchGuard Bypass
  ☆209Updated last week
• tandasat / CVE-2024-21305
  Report and exploit of CVE-2024-21305.
  ☆38Updated last year
• carlos-al / user-kernel-syscall-hook
  ☆95Updated last year
• milankovo / zydisinfo
  ☆25Updated last month
• SamuelTulach / unxorer
  Yet another IDA Pro/Home plugin for deobfuscating stack strings
  ☆104Updated last month
• worawit / malk
  Demonstrate calling a kernel function and handle process creation callback against HVCI
  ☆78Updated 2 years ago
• ssnob / hidden_syscall_monitoring
  monitors hidden syscalls called from call of duty anticheat
  ☆86Updated 10 months ago
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆118Updated 2 years ago
• m417z / x64dbg-symbol-tldr
  An x64dbg plugin which helps make sense of long C++ symbols
  ☆57Updated 2 years ago
• benheise / ANGRYORCHARD
  A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.
  ☆35Updated 3 years ago
• android1337 / brkida
  C++ macro for x64 programs that breaks ida hex-rays decompiler tool.
  ☆129Updated last year
• b-irb / PigPEI
  PEIM (UEFI) bootkit targeting OVMF (EDK2)
  ☆42Updated last year
• tyranid / windows-memory-access-traps
  A few examples of how to trap virtual memory access on Windows.
  ☆35Updated 10 months ago
• m417z / thread-call-stack-scanner
  Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…
  ☆78Updated 4 months ago
• GetRektBoy724 / warbird-research
  Find out how to bypass HVCI (or not). My own research on Microsoft Warbird (specifically in clipsp.sys)
  ☆71Updated 2 weeks ago
• tandasat / CVE-2023-36427
  Report and exploit of CVE-2023-36427
  ☆89Updated last year
• codedefender-io / sigbreaker
  All LLVM binaries scrambled with SigBreaker and used to test against llvm-lit
  ☆25Updated 6 months ago
• kkent030315 / Van1338
  A journal for $6,000 Riot Vanguard bounty.
  ☆65Updated 2 years ago
• Idov31 / NovaHypervisor
  NovaHypervisor is a defensive x64 Intel host based hypervisor. The goal of this project is to protect against kernel based attacks (eithe…
  ☆235Updated last month
• MrRoy09 / VMwhere
  LLVM based obfuscation engine
  ☆106Updated 4 months ago