Alternatives and similar repositories for ZeroCrumb

Users that are interested in ZeroCrumb are comparing it to the libraries listed below

• hid3rx / GhostWriting
  ☆30Updated last year
• scrt / KexecDDPlus
  Exploiting the KsecDD Windows driver through Server Silos
  ☆70Updated 6 months ago
• alfarom256 / HPHardwareDiagnostics-PoC
  PoC exploit for HP Hardware Diagnostic's EtdSupp driver
  ☆50Updated 2 years ago
• Meowmycks / etwunhook
  Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.
  ☆47Updated last year
• Cracked5pider / kaine-assembly
  a demo module for the kaine agent to execute and inject assembly modules
  ☆38Updated 8 months ago
• Teach2Breach / moonwalk
  find dll base addresses without PEB WALK
  ☆87Updated last week
• NtDallas / Fenrir
  stack spoofing
  ☆85Updated 6 months ago
• Crypt0s / Ekko_CFG_Bypass
  A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process
  ☆100Updated 2 years ago
• rbmm / RtlClone
  ☆38Updated 3 months ago
• farinap5 / bitmap4shell
  A (quite) simple steganography algorithm to hide shellcodes within bitmap image.
  ☆21Updated last year
• HackerCalico / StackSpoofer_Macro
  An easy-to-use and powerful Macro for Stack Spoofing.
  ☆20Updated 4 months ago
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆92Updated 2 years ago
• lem0nSec / Dsebler
  Reimplementation of the KExecDD DSE bypass technique.
  ☆46Updated 8 months ago
• ReCryptLLC / CVE-2022-42045
  ☆39Updated last year
• cainiao1992 / ollvm-mingw
  An Obfuscator-LLVM based mingw-w64 toolchain.
  ☆39Updated 3 years ago
• Archie-osu / PowerHook
  Hooking KPRCB IdlePreselect function to gain execution inside PID 0.
  ☆63Updated last month
• ldpreload / werkernel
  Windows LPE Nday
  ☆25Updated last year
• tijme / relocatable
  Boilerplate to develop raw and truly Position Independent Code (PIC).
  ☆51Updated 3 months ago
• XaFF-XaFF / ZwProcessHollowing
  ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
  ☆84Updated 2 years ago
• fin3ss3g0d / HookFinder
  Simple PoC to locate hooked functions by EDR in ntdll.dll
  ☆36Updated last year
• JanielDary / weetabix
  A C++ PoC implementation for enumerating Windows Fibers directly from memory
  ☆19Updated last year
• jdu2600 / Etw-SyscallMonitor
  Monitors ETW for security relevant syscalls maintaining the set called by each unique process
  ☆78Updated 2 years ago
• WKL-Sec / StackMask
  A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.
  ☆63Updated 2 years ago
• bananabr / Givemeahand
  A PoC tool for exploiting leaked process and thread handles
  ☆31Updated last year
• maziland / StackBombing
  Next gen process injection technique
  ☆53Updated 4 years ago
• lazypanda1729 / Kernel-Snooping
  ☆29Updated 8 months ago
• DriverHunter / Win-Driver-EXP
  This repo contains EXPs about Vulnerable Windows Driver
  ☆45Updated 11 months ago
• HulkOperator / CallStackSpoofer
  ☆30Updated 4 months ago
• SaadAhla / BlockNonMSModules
  Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules
  ☆41Updated 2 years ago
• AmitMoshel1 / PatchGuardEncryptorDriver
  An improved version of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.
  ☆63Updated last month