Alternatives and similar repositories for ZeroAccess:

Users that are interested in ZeroAccess are comparing it to the libraries listed below

• MalwareTech / FakeMBR
  TDL4 style rootkit to spoof read/write requests to master boot record
  ☆130Updated 7 years ago
• nyx0 / Carberp
  Carberp Banking Trojan
  ☆110Updated 10 years ago
• nyx0 / Tinba
  Tinba Banking Trojan
  ☆84Updated 10 years ago
• nyx0 / Rovnix
  Rovnix Bootkit
  ☆120Updated 10 years ago
• BreakingMalware / PowerLoaderEx
  PowerLoaderEx - Advanced Code Injection Technique for x32 / x64
  ☆363Updated 7 years ago
• therealdreg / anticuckoo
  A tool to detect and crash Cuckoo Sandbox
  ☆292Updated 8 months ago
• Cr4sh / WindowsRegistryRootkit
  Kernel rootkit, that lives inside the Windows registry values data
  ☆490Updated 7 years ago
• MalwareTech / TinyXPB
  Windows XP 32-Bit Bootkit
  ☆144Updated 10 years ago
• Spajed / processrefund
  An attempt at Process Doppelgänging
  ☆184Updated 7 years ago
• waleedassar / antidebug
  Collection Of Anti-Debugging Tricks
  ☆99Updated 9 years ago
• HexHive / malWASH
  ☆113Updated 8 years ago
• hryuk / Carberp
  ☆518Updated 7 years ago
• secretsquirrel / recomposer
  Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites.
  ☆131Updated 11 years ago
• MalwareTech / ZombifyProcess
  Inject code into a legitimate process
  ☆143Updated 10 years ago
• BromiumLabs / PackerAttacker
  C++ application that uses memory and code hooks to detect packers
  ☆270Updated 7 years ago
• ivildeed / vmw_vmx_overloader
  Loading unsigned code into kernel in Windows 10 (64) with help of VMware Workstation Pro/Player design flaw
  ☆135Updated 7 years ago
• hasherezade / chimera_pe
  ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports pay…
  ☆220Updated 2 years ago
• hfiref0x / VMDE
  Source from VMDE paper, adapted to 2015
  ☆181Updated 7 years ago
• hasherezade / process_chameleon
  A process overwriting its own PEB to make an illusion that it has been loaded from a different path.
  ☆94Updated 3 years ago
• m0n0ph1 / Win64-Rovnix-VBR-Bootkit
  Win64/Rovnix - Volume Boot Record Bootkit
  ☆171Updated 9 years ago
• Cn33liz / TpmInitUACBypass
  Bypassing User Account Control (UAC) using TpmInit.exe
  ☆127Updated 8 years ago
• nyx0 / KINS
  KINS Banking Trojan
  ☆62Updated 10 years ago
• secrary / InfectPE
  InfectPE - Inject custom code into PE file [This project is not maintained anymore]
  ☆323Updated 7 years ago
• MalwareTech / UACElevator
  Passive UAC elevation using dll infection
  ☆73Updated 10 years ago
• BorjaMerino / Pazuzu
  Pazuzu: Reflective DLL to run binaries from memory
  ☆214Updated 4 years ago
• MalwareTech / FstHook
  A library for intercepting native functions by hooking KiFastSystemCall
  ☆72Updated 4 years ago
• Professor-plum / Reflective-Driver-Loader
  ☆393Updated 8 years ago
• m0n0ph1 / Basic-File-Crypter
  Process Hollowing techniques as used in many file Crypters (C/C++)
  ☆82Updated 4 years ago
• gpoulios / ROPInjector
  Patching ROP-encoded shellcodes into PEs
  ☆184Updated 7 years ago
• kgretzky / python-x86-obfuscator
  This is a **WIP** tool that performs shellcode obfuscation in x86 instruction set.
  ☆236Updated 8 years ago