Alternatives and similar repositories for shadow-rs:

Users that are interested in shadow-rs are comparing it to the libraries listed below

• memN0ps / arsenal-rs
  Rusty Arsenal - A collection of experimental Process Injection and Post-Exploitation Techniques in Rust
  ☆245Updated last year
• eversinc33 / Banshee
  Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.
  ☆521Updated this week
• Kudaes / EPI
  Threadless Process Injection through entry point hijacking
  ☆342Updated 5 months ago
• Kudaes / Shelter
  ROP-based sleep obfuscation to evade memory scanners
  ☆327Updated last week
• memN0ps / redlotus-rs
  Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus)
  ☆522Updated last year
• memN0ps / eagle-rs
  Rusty Rootkit - Windows Kernel Rookit in Rust (Codename: Eagle)
  ☆543Updated last year
• Azr43lKn1ght / Rusty-PE-Packer
  ☆214Updated last month
• Krypteria / AtlasLdr
  Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls
  ☆359Updated 4 months ago
• CICADA8-Research / Spyndicapped
  COM ViewLogger — new malware keylogging technique
  ☆341Updated last month
• memN0ps / venom-rs
  Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)
  ☆333Updated 11 months ago
• Tylous / FaceDancer
  FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi…
  ☆250Updated 4 months ago
• Offensive-Panda / RWX_MEMEORY_HUNT_AND_INJECTION_DV
  Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
  ☆273Updated 8 months ago
• S12cybersecurity / WinDefenderKiller
  Windows Defender Killer | C++ Code Disabling Permanently Windows Defender using Registry Keys
  ☆442Updated last year
• Nariod / RustPacker
  Template-based shellcode packer written in Rust, with indirect syscall support. Made with <3 for pentesters.
  ☆265Updated 6 months ago
• tykawaii98 / CVE-2024-30088
  ☆246Updated 6 months ago
• MzHmO / Exploit-Street
  Complete list of LPE exploits for Windows (starting from 2023)
  ☆744Updated this week
• frkngksl / Shoggoth
  Shoggoth: Asmjit Based Polymorphic Encryptor
  ☆705Updated 10 months ago
• Kudaes / DInvoke_rs
  Dynamically invoke arbitrary unmanaged code
  ☆331Updated 3 months ago
• cpu0x00 / Ghost
  Evasive shellcode loader
  ☆343Updated 4 months ago
• Kudaes / Unwinder
  Call stack spoofing for Rust
  ☆317Updated 2 weeks ago
• janoglezcampos / rust_syscalls
  Single stub direct and indirect syscalling with runtime SSN resolving for windows.
  ☆208Updated last year
• dobin / RedEdr
  Collect Windows telemetry for Maldev
  ☆298Updated 2 weeks ago
• 0xHossam / KernelCallbackTable-Injection-PoC
  Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…
  ☆203Updated 3 months ago
• kleiton0x00 / Proxy-DLL-Loads
  A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
  ☆333Updated last week
• hakaioffsec / CVE-2024-21338
  Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.
  ☆285Updated 10 months ago
• reveng007 / DarkWidow
  Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
  ☆628Updated 4 months ago
• daem0nc0re / VectorKernel
  PoCs for Kernelmode rootkit techniques research.
  ☆354Updated last month
• Maldev-Academy / HellHall
  Performing Indirect Clean Syscalls
  ☆514Updated last year
• chompie1337 / Windows_LPE_AFD_CVE-2023-21768
  LPE exploit for CVE-2023-21768
  ☆486Updated last year
• S3N4T0R-0X0 / BEAR
  Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of…
  ☆327Updated 4 months ago