Alternatives and similar repositories for ProcessStealth:

Users that are interested in ProcessStealth are comparing it to the libraries listed below

• HadarShahar / process-hiders
  Hides processes from the windows task manager using IAT hooking.
  ☆19Updated 4 years ago
• buzzer-re / BulletTrain
  A manual PE mapping implementation, aka reflective loader
  ☆18Updated 2 years ago
• Lima-X / Win32.Nebula
  A packed & protected Module Loader and more, for 64-bit Windows
  ☆29Updated 4 years ago
• PaulNorman01 / Dynamizer
  Reduce Dynamic Analysis Detection Rates With Built-In Unhooker, Anti Analysis Techniques, And String Obfuscator Modules.
  ☆18Updated 2 years ago
• Narumiii / phantommap
  Phantom DLL Hollowing method implemented in modmap
  ☆17Updated 3 years ago
• XShar / simple_mutate_pe_x86
  Мутация PE x86
  ☆15Updated 5 years ago
• AzAgarampur / PsForge
  Process Hollowing demonstration & explanation
  ☆35Updated 4 years ago
• samshine / ScyllaHideDetector2
  Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes.
  ☆25Updated 5 years ago
• 0vercl0k / inject
  Yet another Windows DLL injector.
  ☆38Updated 3 years ago
• boom-cr3 / NotifyRoutineHijackThread
  Hijack NotifyRoutine for a kernelmode thread
  ☆41Updated 2 years ago
• kkent030315 / anyelevate
  x64 Windows privilege elevation using anycall
  ☆21Updated 3 years ago
• MahmoudZohdy / Anti-Analysis-DebuggerInjection
  Anti-Analysis technique, trick the debugger by Hiding events from it.
  ☆19Updated 3 years ago
• Lima-X / XOrCryptEx
  XOrCryptEx lightweight C Utility/Algorithm
  ☆11Updated 3 years ago
• XaFF-XaFF / MBR-Overwrite-with-custom-message
  Overwrite MBR and add own custom message
  ☆16Updated 5 years ago
• therealdreg / cgaty
  Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)
  ☆70Updated last year
• d35ha / DumpPE
  Dump mapped PE files from memory to the disk
  ☆19Updated 5 years ago
• MahmoudZohdy / DLL-Obfuscation-V2
  Load Encrypted Dll Using LoadLibraryA, Keep The Dll Encrypted on disc all the time and decrypt it only in memory.
  ☆18Updated 3 years ago
• ryan-weil / Code-Cave
  Injects position-dependent code into a code cave in an executable file, and applies relocations.
  ☆22Updated last year
• Codeh4ck / MemoryPEInjector
  A tool that reads a PE file from a byte array buffer and injects it into memory.
  ☆27Updated 5 years ago
• mathisvickie / CVE-2021-27965
  stack based buffer overflow in MsIo64.sys, Proof of Concept Local Privilege Escalation to nt authority/system
  ☆11Updated 3 years ago
• emlinhax / DriverTimestampFaker
  Fake Timestamps of Driver Certificates while keeping validity.
  ☆17Updated 3 years ago
• cocomelonc / 2022-01-14-malware-injection-13
  Code injection via ZwCreateSection, ZwUnmapViewOfSection. C++ example
  ☆17Updated 3 years ago
• NUL0x4C / RecycleBinPersistence
  using the Recycle Bin to insure persistence
  ☆12Updated 2 years ago
• h311d1n3r / LetsHook
  A Windows API hooking library !
  ☆31Updated 2 years ago
• ekknod / SetWindowHookEx
  Using SetWindowHookEx for preinjected DLL's
  ☆59Updated 2 years ago
• ssyuqixe / obfCoder
  A simple program to obfuscate code written in cpp.
  ☆48Updated 10 months ago
• ZeroMemoryEx / TrampHook
  x86 Trampoline Hook
  ☆40Updated 2 years ago
• HFaeiro / Remote-Admin-Tool
  Simple remote administration tool. Written in c++ and MASM.
  ☆18Updated 6 years ago
• Jasper1467 / WindowsDefender_Rebuild
  An attempt at reversing WindowsDefender
  ☆20Updated 5 months ago
• tandasat / CVE-2022-25949
  A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.
  ☆38Updated 3 years ago