Alternatives and similar repositories for snc:

Users that are interested in snc are comparing it to the libraries listed below

• WKL-Sec / StackMask
  A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.
  ☆62Updated last year
• ldpreload / werkernel
  Windows LPE Nday
  ☆25Updated 11 months ago
• brosck / Frosty
  「🧊」Ring 3 Rootkit for Windows 10
  ☆59Updated 3 months ago
• 0xHossam / HuffLoader
  Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.
  ☆106Updated last year
• tykawaii98 / CVE-2024-21338_PoC
  ☆39Updated 9 months ago
• NUL0x4C / GP
  using the gpu to hide your payload
  ☆56Updated 2 years ago
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆53Updated 8 months ago
• farinap5 / bitmap4shell
  A (quite) simple steganography algorithm to hide shellcodes within bitmap image.
  ☆21Updated 10 months ago
• ngn13 / shrk
  LKM rootkit for modern kernels, with DNS C2 and a simple web interface
  ☆64Updated 3 weeks ago
• Meowmycks / etwunhook
  Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.
  ☆46Updated last year
• ZeroMemoryEx / Overlord
  abusing Process Hacker driver to terminate other processes (BYOVD)
  ☆82Updated last year
• cbrnrd / maliketh
  🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python
  ☆44Updated last year
• capt-meelo / KernelCallbackTable-Injection
  Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html
  ☆120Updated 2 years ago
• ProcessusT / UnhookingDLL
  This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…
  ☆68Updated last year
• aaftr / Thread-Pool-Injection-PoC
  Proof of concept code for thread pool based process injection in Windows.
  ☆115Updated this week
• Hagrid29 / BYOVDKit
  bring your own vulnerable driver
  ☆92Updated last year
• Mav3rick33 / ZenLdr
  Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature
  ☆101Updated 2 years ago
• Maldev-Academy / GhostlyHollowingViaTamperedSyscalls
  Implementing the ghostly hollowing PE injection technique using tampered syscalls.
  ☆140Updated 3 weeks ago
• vatsalgupta67 / Process-Hollowing
  Red Team Operation's Defense Evasion Technique.
  ☆52Updated 9 months ago
• raykaryshyn / FakeTLS
  Client/server code that impersonates TLS 1.3 to disguise C2 activity.
  ☆65Updated 2 years ago
• x0reaxeax / PageSplit
  Splitting and executing shellcode across multiple pages
  ☆100Updated last year
• XaFF-XaFF / ZwProcessHollowing
  ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
  ☆83Updated 2 years ago
• Cracked5pider / eop24-26229
  A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from a unprivileged user
  ☆39Updated 7 months ago
• xalicex / LOLDrivers_finder
  ☆78Updated last year
• AzAgarampur / byeintegrity9-uac
  ☆36Updated 2 years ago
• aplyc1a / PEMemoryLoader
  Load static-compiled PE from remote server.
  ☆60Updated 3 years ago
• b4rth0v5k1 / EarlyBirdNTDLL
  ☆36Updated 2 years ago
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆54Updated 7 months ago
• waawaa / breakcyserver
  ☆47Updated 2 years ago
• 0prrr / Malwear-Sweet
  Malware?
  ☆69Updated 5 months ago