Alternatives and similar repositories for ZeroAccess

Users that are interested in ZeroAccess are comparing it to the libraries listed below

• nyx0 / Carberp
  Carberp Banking Trojan
  ☆114Updated 10 years ago
• MalwareTech / FakeMBR
  TDL4 style rootkit to spoof read/write requests to master boot record
  ☆131Updated 7 years ago
• nyx0 / Tinba
  Tinba Banking Trojan
  ☆85Updated 10 years ago
• therealdreg / anticuckoo
  A tool to detect and crash Cuckoo Sandbox
  ☆295Updated 10 months ago
• BreakingMalware / PowerLoaderEx
  PowerLoaderEx - Advanced Code Injection Technique for x32 / x64
  ☆368Updated 8 years ago
• nyx0 / Rovnix
  Rovnix Bootkit
  ☆118Updated 10 years ago
• hryuk / Carberp
  ☆515Updated 7 years ago
• BromiumLabs / PackerAttacker
  C++ application that uses memory and code hooks to detect packers
  ☆270Updated 7 years ago
• Cr4sh / WindowsRegistryRootkit
  Kernel rootkit, that lives inside the Windows registry values data
  ☆496Updated 7 years ago
• Professor-plum / Reflective-Driver-Loader
  ☆398Updated 8 years ago
• hfiref0x / VMDE
  Source from VMDE paper, adapted to 2015
  ☆182Updated 7 years ago
• secrary / InfectPE
  InfectPE - Inject custom code into PE file [This project is not maintained anymore]
  ☆324Updated 8 years ago
• gpoulios / ROPInjector
  Patching ROP-encoded shellcodes into PEs
  ☆186Updated 7 years ago
• nyx0 / KINS
  KINS Banking Trojan
  ☆61Updated 10 years ago
• hasherezade / chimera_pe
  ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports pay…
  ☆224Updated 2 years ago
• MalwareTech / FstHook
  A library for intercepting native functions by hooking KiFastSystemCall
  ☆73Updated 5 years ago
• BorjaMerino / Pazuzu
  Pazuzu: Reflective DLL to run binaries from memory
  ☆216Updated 4 years ago
• MalwareTech / TinyXPB
  Windows XP 32-Bit Bootkit
  ☆145Updated 10 years ago
• waleedassar / antidebug
  Collection Of Anti-Debugging Tricks
  ☆99Updated 9 years ago
• Spajed / processrefund
  An attempt at Process Doppelgänging
  ☆181Updated 7 years ago
• hackedteam / scout-win
  Scout backdoor for Windows
  ☆115Updated 9 years ago
• rsmusllp / syringe
  A General Purpose DLL & Code Injection Utility
  ☆154Updated 7 years ago
• ivildeed / vmw_vmx_overloader
  Loading unsigned code into kernel in Windows 10 (64) with help of VMware Workstation Pro/Player design flaw
  ☆136Updated 8 years ago
• conix-security / zer0m0n
  zer0m0n driver for cuckoo sandbox
  ☆362Updated 10 years ago
• dismantl / ImprovedReflectiveDLLInjection
  An improvement of the original reflective DLL injection technique by Stephen Fewer of Harmony Security
  ☆324Updated 7 years ago
• Cn33liz / TpmInitUACBypass
  Bypassing User Account Control (UAC) using TpmInit.exe
  ☆128Updated 8 years ago
• CyberPoint / Ruxcon2016ETW
  Ruxcon2016 POC Code
  ☆139Updated 8 years ago
• WithSecureLabs / doublepulsar-usermode-injector
  A utility to use the usermode shellcode from the DOUBLEPULSAR payload to reflectively load an arbitrary DLL into another process, for use…
  ☆118Updated 7 years ago
• tinysec / windows-syscall-table
  windows syscall table from xp ~ 10 rs4
  ☆353Updated 6 years ago
• abhisek / Pe-Loader-Sample
  Proof of concept implementation of in-memory PE Loader based on ReflectiveDLLInjection Technique
  ☆152Updated 6 years ago