Alternatives and similar repositories for Watchdog:

Users that are interested in Watchdog are comparing it to the libraries listed below

• SolomonSklash / UnhookingPOC
  A small commented POC for removing API hooks placed by AV/EDR.
  ☆33Updated 4 years ago
• f1rehaz4rd / Project-Iroh
  Offensive Windows security tooling that allows for persistance to the operating system.
  ☆10Updated 3 years ago
• crummie5 / Freshycalls_PoC
  A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯
  ☆40Updated 4 years ago
• waldo-irc / JYang
  ☆14Updated 2 years ago
• RobinFassinaMoschiniForks / TransitionalPeriod
  Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits
  ☆27Updated 2 years ago
• ethereal-vx / Persistence
  Recreating and reviewing the Windows persistence methods
  ☆37Updated 3 years ago
• oneNutW0nder / CatTails
  Raw socket library/framework for red team events
  ☆34Updated 2 years ago
• DimopoulosElias / Primitives
  ☆31Updated 4 years ago
• RITRedteam / Sangheili
  Custom SOCKS proxy for redteam
  ☆12Updated 2 years ago
• hackerhouse-opensource / envschtasksuacbypass
  Bypass UAC elevation on Windows 8 (build 9600) & above.
  ☆54Updated 2 years ago
• alfarom256 / PebLdr
  ☆15Updated 4 years ago
• waleedassar / SyscallNumberExtractor
  ☆24Updated 3 years ago
• hotnops / COM_Mapper
  A tool to create COM class/interface relationships in neo4j
  ☆48Updated 2 years ago
• dsnezhkov / exclave
  ☆16Updated 3 years ago
• passthehashbrowns / hook-integrity-checks
  ☆20Updated 3 years ago
• TheWover / AssemblyLoader
  Loads .NET Assembly Via CLR Loader
  ☆15Updated 5 years ago
• EvanMcBroom / fuse-loader
  Load a dynamic library from memory using a fuse mount
  ☆30Updated last year
• dis0rder0x00 / CanYouCTheThief
  A C implementation of the Sektor7 "A Thief" Windows privesc technique.
  ☆61Updated 2 years ago
• SolomonSklash / SeasideBishop
  A C port of b33f's UrbanBishop
  ☆38Updated 4 years ago
• RITRedteam / nosferatu
  Windows NTLM Authentication Backdoor
  ☆14Updated 3 years ago
• paranoidninja / DotNetTracer
  C code to enable ETW tracing for Dotnet Assemblies
  ☆31Updated 2 years ago
• xpn / ObjectOverloadingPOC
  ☆59Updated 3 years ago
• klezVirus / LoGiC.NET
  A more advanced free and open .NET obfuscator using dnlib.
  ☆10Updated 2 years ago
• SolomonSklash / COM-Hijacking
  An example of COM hijacking using a proxy DLL.
  ☆28Updated 3 years ago
• FuzzySecurity / IBM-RedCON-2020
  IBM RedCON 2020 - Throwing an AquaWrench into the Kernel
  ☆44Updated 4 years ago
• FuzzySecurity / AdvSim.Compression
  Simple and sane compression wrapper library.
  ☆18Updated 2 years ago
• jbaines-r7 / dellicious
  Enabled / Disable LSA Protection via BYOVD
  ☆65Updated 3 years ago
• Adepts-Of-0xCC / SnoopyOwl
  ☆47Updated 3 years ago
• 7eRoM / elam
  A Practical example of ELAM (Early Launch Anti-Malware)
  ☆32Updated 3 years ago
• passthehashbrowns / suspendedunhook
  ☆37Updated 3 years ago