Alternatives and similar repositories for HideAndProtect

Users that are interested in HideAndProtect are comparing it to the libraries listed below

• malcomvetter / WMIProcessWatcher
  An example pattern in C# for using WMI to monitor process creation and termination events.
  ☆52Updated 7 years ago
• nettitude / DLLInjection
  DLL Injection Library & Tools
  ☆72Updated 9 years ago
• hasherezade / IAT_patcher_samples
  Sample libraries to be used with IAT Patcher
  ☆34Updated 2 years ago
• michaelbadichi / RunAsSystem
  ☆33Updated 10 years ago
• glinares / CSCGuard
  Protects and logs suspicious and malicious usage of .NET CSC.exe and Runtime C# Compilation
  ☆25Updated 7 years ago
• herrcore / CmdDesktopSwitch
  CmdDesktopSwitch is a small utility that lists all windows desktops and provides the option to switch between them. This can be used to i…
  ☆35Updated 9 years ago
• malcomvetter / AntiDebug
  PoC: Prevent a debugger from attaching to managed .NET processes via a watcher process code pattern.
  ☆32Updated 7 years ago
• jschicht / PowerMft
  Powerful commandline $MFT record editor.
  ☆25Updated 10 years ago
• hasherezade / loaderine
  A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.
  ☆20Updated 7 years ago
• jthuraisamy / av-fingerprints
  Antivirus Emulator Fingerprints
  ☆29Updated 6 years ago
• own2pwn / r0ak
  r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
  ☆28Updated 7 years ago
• jasondrawdy / ShellGen
  Dynamic and extensible shell code generator with multiple output types which can be formatted in binary, hexadecimal, and the typical she…
  ☆19Updated 5 years ago
• deroko / SPPLUAObjectUacBypass
  ☆45Updated 7 years ago
• d35ha / RunPE
  An example of PE hollowing injection technique
  ☆24Updated 6 years ago
• ohjeongwook / LoadDLL
  Windows DLL Loading Utility
  ☆12Updated 5 years ago
• ewhitehats / kovterTools
  ☆35Updated 7 years ago
• securesean / Shim-Process-Scanner
  Windows x64 Process Scanner to detect application compatability shims
  ☆37Updated 6 years ago
• hasherezade / decryptors_archive
  Archive of ransomware decryptors
  ☆31Updated 7 years ago
• libyal / libfwevt
  Library for Windows XML Event Log (EVTX) data types
  ☆18Updated 11 months ago
• HarmJ0y / Arya
  Arya is a simple obfuscator for .NET binaries.
  ☆39Updated 7 years ago
• carnal0wnage / ApplicationWhitelistBypassTechniques
  A Catalog of Application Whitelisting Bypass Techniques
  ☆31Updated 10 years ago
• codingtest / r0ak
  r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
  ☆27Updated 7 years ago
• ufrisk / shellcode64
  A minimal tool to extract shellcode from 64-bit PE binaries.
  ☆51Updated 3 years ago
• hasherezade / hidden_bee_tools
  Parser for a custom executable formats from Hidden Bee and Rhadamanthys malware
  ☆55Updated 3 weeks ago
• hasherezade / tag_converter
  ☆22Updated 4 years ago
• nccgroup / WindowsMemPageDelta
  A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection
  ☆32Updated 4 years ago
• freesoul / netstub
  Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.
  ☆15Updated 6 years ago
• olliencc / WindowsPatchDetector
  Experimental: Windows .text section compare - disk versus memory
  ☆15Updated 10 years ago
• Microwave89 / injector
  Code Injector Using Code Caves
  ☆15Updated 10 years ago
• guitmz / msil-cecil-injection
  Injection of MSIL using Cecil
  ☆12Updated 10 years ago