hfiref0x/ZeroAccess external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

hfiref0x/ZeroAccess

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/hfiref0x/ZeroAccess)

Close

hfiref0x / ZeroAccessView on GitHubMore

• External links
• Readme badge

ZeroAccess v3 toolkit

☆166Dec 18, 2017Updated 8 years ago

Alternatives and similar repositories for ZeroAccess

Users that are interested in ZeroAccess are comparing it to the libraries listed below

• hfiref0x / TDL

  View on GitHub
  Driver loader for bypassing Windows x64 Driver Signature Enforcement
  ☆1,201Aug 1, 2019Updated 6 years ago
• hfiref0x / Stryker

  View on GitHub
  Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303
  ☆111Feb 25, 2018Updated 8 years ago
• tandasat / DrvLoader

  View on GitHub
  A command line tool to load and unload a device driver.
  ☆46Jun 10, 2017Updated 8 years ago
• BreakingMalware / PowerLoaderEx

  View on GitHub
  PowerLoaderEx - Advanced Code Injection Technique for x32 / x64
  ☆382Apr 17, 2017Updated 8 years ago
• conix-security / CRET

  View on GitHub
  Remote execution tool
  ☆14Jan 14, 2014Updated 12 years ago
• hfiref0x / al-khaser

  View on GitHub
  (This is a fork used primarily to submit patches into upstream repository) Public malware techniques used in the wild: Virtual Machine, E…
  ☆19May 31, 2025Updated 9 months ago
• hfiref0x / Vault

  View on GitHub
  Various code from the past (for historical purposes)
  ☆16Aug 4, 2023Updated 2 years ago
• BreakingMalwareResearch / Captain-Hook

  View on GitHub
  ☆52Sep 15, 2016Updated 9 years ago
• hfiref0x / DSEFix

  View on GitHub
  Windows x64 Driver Signature Enforcement Overrider
  ☆799Dec 4, 2018Updated 7 years ago
• tandasat / GuardMon

  View on GitHub
  Hypervisor based tool for monitoring system register accesses.
  ☆155Sep 13, 2018Updated 7 years ago
• runvirus / Zyklon

  View on GitHub
  Zyklon H.T.T.P Remote Administration Tool - Control Panel leaked
  ☆16Mar 22, 2017Updated 9 years ago
• sogeti-esec-lab / REBoot

  View on GitHub
  Bootkits Revisited
  ☆39Jun 3, 2014Updated 11 years ago
• hfiref0x / ROCALL

  View on GitHub
  ReactOS x86-32 syscall fuzzer
  ☆58Jul 5, 2025Updated 8 months ago
• Rootkitsmm-zz / CVEXX-XX

  View on GitHub
  Windows kernel vulnerability in win32k.sys Driver
  ☆35Dec 6, 2015Updated 10 years ago
• Rootkitsmm-zz / MS15-061

  View on GitHub
  Exploiting MS15-061 local Privilege escalation
  ☆49Sep 22, 2015Updated 10 years ago
• hfiref0x / CVE-2015-1701

  View on GitHub
  Win32k LPE vulnerability used in APT attack
  ☆291Dec 18, 2017Updated 8 years ago
• EvilKnight1986 / Simrep

  View on GitHub
  windows kernel File redirection
  ☆20Sep 21, 2014Updated 11 years ago
• hfiref0x / UPGDSED

  View on GitHub
  Universal PatchGuard and Driver Signature Enforcement Disable
  ☆862Mar 29, 2019Updated 6 years ago
• MortenSchenk / DataOnlyShellcode

  View on GitHub
  ☆18Mar 20, 2017Updated 9 years ago
• hfiref0x / VMDE

  View on GitHub
  Source from VMDE paper, adapted to 2015
  ☆189Dec 18, 2017Updated 8 years ago
• hfiref0x / AsIo3Unlock

  View on GitHub
  ASUSTeK AsIO3 I/O driver unlock
  ☆23Apr 22, 2021Updated 4 years ago
• tandasat / CVE-2014-0816

  View on GitHub
  CVE-2014-0816
  ☆25Oct 5, 2016Updated 9 years ago
• nyx0 / PowerLoader

  View on GitHub
  Power Loader botnet
  ☆40Feb 25, 2015Updated 11 years ago
• hfiref0x / Misc

  View on GitHub
  Miscellaneous Code and Docs
  ☆83Jul 12, 2025Updated 8 months ago
• sin5678 / wow64hook

  View on GitHub
  wow64 syscall filter
  ☆13Nov 12, 2014Updated 11 years ago
• hryuk / Carberp

  View on GitHub
  ☆519Mar 12, 2018Updated 8 years ago
• swwwolf / wdbgark

  View on GitHub
  WinDBG Anti-RootKit Extension
  ☆646Jul 29, 2020Updated 5 years ago
• tandasat / RemoteWriteMonitor

  View on GitHub
  A tool to help malware analysts tell that the sample is injecting code into other process.
  ☆78Aug 12, 2015Updated 10 years ago
• AlephNull314 / AbsoluteZero

  View on GitHub
  Anti-AV compilation
  ☆44Oct 4, 2013Updated 12 years ago
• nyx0 / Carberp

  View on GitHub
  Carberp Banking Trojan
  ☆126Feb 25, 2015Updated 11 years ago
• Darkabode / 0lib

  View on GitHub
  Zerokit shared code
  ☆17Mar 28, 2019Updated 6 years ago
• bytecode77 / remote-assistance-privilege-escalation

  View on GitHub
  Remote Assistance Volatile Environment LPE
  ☆15Jun 28, 2025Updated 8 months ago
• nyx0 / Rovnix

  View on GitHub
  Rovnix Bootkit
  ☆121Feb 25, 2015Updated 11 years ago
• rwfpl / rewolf-ldrdebug

  View on GitHub
  Helper utility for debugging windows PE/PE+ loader.
  ☆52Mar 15, 2015Updated 11 years ago
• JKornev / NTlib

  View on GitHub
  Static library and headers for linking your software with ntdll.dll
  ☆37Dec 16, 2019Updated 6 years ago
• Rootkitsmm-zz / WinIo-Vidix

  View on GitHub
  Exploit WinIo - Vidix and Run Shellcode in Windows Kerne ( local Privilege escalation )
  ☆28Aug 30, 2015Updated 10 years ago
• hasherezade / demos

  View on GitHub
  Demos of various injection techniques found in malware
  ☆794Feb 15, 2022Updated 4 years ago
• vmcall / latebros

  View on GitHub
  x64 usermode rootkit
  ☆212Apr 11, 2018Updated 7 years ago
• netromdk / bmod

  View on GitHub
  bmod parses binaries for modification/patching and disassembles machine code sections.
  ☆12Apr 19, 2018Updated 7 years ago