Alternatives and similar repositories for 11Syscalls:

Users that are interested in 11Syscalls are comparing it to the libraries listed below

• zodiacon / NativePowers
  Native Powers Talk demos
  ☆14Updated last year
• realoriginal / bootdoor
  An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot
  ☆61Updated last year
• DownWithUp / WarbirdExamples
  An example of how to use Microsoft Windows Warbird technology
  ☆27Updated last year
• connormcgarr / EATGuard
  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
  ☆95Updated last year
• rbmm / TPM
  Easy encrypt/decrypt data with TPM
  ☆24Updated 10 months ago
• Cracked5pider / unguard-eat
  havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets
  ☆26Updated 5 months ago
• realoriginal / blacklotus
  A attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.
  ☆86Updated last year
• 3intermute / ramiel
  uefi diskless persistence technique + OVMF secureboot bypass
  ☆53Updated 8 months ago
• hasherezade / sig_finder
  Signature finder (from PE-bear)
  ☆31Updated 7 months ago
• Internet-2-0 / Malcore-x64dbg
  This x64dbg plugin allows you to upload your sample to Malcore and view the results.
  ☆33Updated last year
• 0xMegaByte / COM-Explained
  ☆27Updated 2 years ago
• rbmm / NtDetours
  Detours implementation (x64/x86) which used only ntdll import
  ☆89Updated 7 months ago
• dmaivel / ntoseye
  Windows kernel debugger for Linux hosts running Windows under KVM/QEMU
  ☆63Updated 2 months ago
• oldboy21 / SWAPPALA
  In-memory hiding technique
  ☆45Updated 2 weeks ago
• jonaslyk / temp
  ☆65Updated last year
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆85Updated last year
• NUL0x4C / GP
  using the gpu to hide your payload
  ☆53Updated 2 years ago
• zodiacon / MalDevWorkshopWebinar
  Demo from the Malware Analysis and Development Webinar
  ☆19Updated 9 months ago
• LloydLabs / process-enumeration-stealth
  ☆79Updated 4 months ago
• jbaines-r7 / dellicious
  Enabled / Disable LSA Protection via BYOVD
  ☆65Updated 3 years ago
• Offensive-Panda / PEB_WALK_AND_API_OBFUSCATION_INJECTION
  This exploit use PEB walk technique to resolve API calls dynamically, obfuscate all API calls to perform process injection.
  ☆12Updated 5 months ago
• zodiacon / VerifierDLL
  Example of building an application verifer DLL
  ☆44Updated 7 months ago
• 0mWindyBug / MinifilterHook
  silence file system monitoring components by hooking their minifilters
  ☆55Updated 11 months ago
• zodiacon / Recon2023
  Recon 2023 slides and code
  ☆79Updated last year
• VergiliusProject / kernels-data
  Windows kernel PDB data parsed into YAML
  ☆34Updated 2 months ago
• cristeigabriel / re-sysinternals-suite
  Code from process of reversing Sysinternals Suite for educational purposes, with videos to associate them
  ☆48Updated last year
• je5442804 / CreateProcessInternalW-Full
  Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post
  ☆54Updated 4 months ago
• ch3rn0byl / WinDbg-Extensions
  ☆18Updated 3 years ago
• Idov31 / UdpInspector
  Listing UDP connections with remote address without sniffing.
  ☆30Updated last year
• adamhlt / Cave-Finder
  Tool to find code cave in PE image (x86 / x64) - Find empty space to place code in PE files
  ☆61Updated last year