Alternatives and similar repositories for GH_AntiDebug_Bypass_Practice_Tool

Users that are interested in GH_AntiDebug_Bypass_Practice_Tool are comparing it to the libraries listed below

• mike1k / perses
  X86 Mutation Engine with Portable Executable compatibility.
  ☆526Updated 3 years ago
• Barracudach / CallStack-Spoofer
  This tool will allow you to spoof the return addresses of your functions as well as system functions.
  ☆513Updated 2 years ago
• Xyrem / Yumekage
  Demo proof of concept for shadow regions, and implementation of HyperDeceit.
  ☆296Updated 2 years ago
• hfiref0x / WubbabooMark
  Debugger Anti-Detection Benchmark
  ☆365Updated last month
• kkent030315 / anycall
  x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration
  ☆357Updated 3 years ago
• nelfo / Milfuscator
  x86 PE Mutator
  ☆226Updated 2 years ago
• Oliver-1-1 / GhostMapper
  ☆322Updated 4 months ago
• NullArray / WinKernel-Resources
  A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level …
  ☆159Updated 3 years ago
• Xyrem / HyperDeceit
  HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper…
  ☆379Updated 2 years ago
• mike1k / HookHunter
  Analyze patches in a process
  ☆256Updated 4 years ago
• thesecretclub / SandboxBootkit
  Bootkit for Windows Sandbox to disable DSE/PatchGuard.
  ☆305Updated 11 months ago
• d35ha / xObf
  Simple x86/x86_64 instruction level obfuscator based on a basic SBI engine
  ☆274Updated 2 years ago
• ryan-weil / HideProcessHook
  DLL that hooks the NtQuerySystemInformation API and hides a process name
  ☆295Updated 2 years ago
• charliewolfe / Stealthy-Kernelmode-Injector
  Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…
  ☆360Updated 3 years ago
• namazso / physmem_drivers
  A collection of various vulnerable (mostly physical memory exposing) drivers.
  ☆413Updated 3 years ago
• MahmoudZohdy / Process-Injection-Techniques
  Various Process Injection Techniques
  ☆158Updated 3 years ago
• can1357 / hvdetecc
  Collection of hypervisor detections
  ☆270Updated last year
• SamuelTulach / RwxMeme
  State of the art DLL injector that took 20 minutes to make
  ☆220Updated 2 years ago
• stevemk14ebr / RETools
  My reversing tools. Some custom, some not.
  ☆208Updated last year
• VollRagm / lpmapper
  A mapper that maps shellcode into loaded large page drivers
  ☆300Updated 3 years ago
• alexvogt91 / Kernel-dll-injector
  Kernel-Mode Driver that loads a dll into every new created process that loads kernel32.dll module
  ☆422Updated 7 years ago
• es3n1n / obfuscator
  PE bin2bin obfuscator
  ☆769Updated 5 months ago
• vxlang / vxlang-page
  protector & obfuscator & code virtualizer
  ☆637Updated this week
• snowsnowsnows / EagleVM
  Native code virtualizer for x64 binaries
  ☆504Updated 9 months ago
• AdamOron / PatchGuardBypass
  Bypassing PatchGuard on modern x64 systems
  ☆265Updated 2 years ago
• adamhlt / Process-Hollowing
  Process Hollowing in C++ (x86 / x64) - Process PE image replacement
  ☆168Updated 2 years ago
• armvirus / SinMapper
  usermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to …
  ☆448Updated 3 years ago
• zer0condition / ReverseKit
  x64 Dynamic Reverse Engineering Toolkit
  ☆710Updated 2 years ago
• nkga / cheat-driver
  Kernel mode driver for reading/writing process memory. C/Win32.
  ☆301Updated 7 years ago
• ergrelet / themida-unmutate
  Static deobfuscator for Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.
  ☆302Updated last year