Alternatives and similar repositories for ProcessStealth:

Users that are interested in ProcessStealth are comparing it to the libraries listed below

• HadarShahar / process-hiders
  Hides processes from the windows task manager using IAT hooking.
  ☆19Updated 3 years ago
• AzAgarampur / PsForge
  Process Hollowing demonstration & explanation
  ☆35Updated 3 years ago
• Narumiii / phantommap
  Phantom DLL Hollowing method implemented in modmap
  ☆17Updated 3 years ago
• PaulNorman01 / Dynamizer
  Reduce Dynamic Analysis Detection Rates With Built-In Unhooker, Anti Analysis Techniques, And String Obfuscator Modules.
  ☆18Updated 2 years ago
• MahmoudZohdy / Anti-Analysis-DebuggerInjection
  Anti-Analysis technique, trick the debugger by Hiding events from it.
  ☆19Updated 3 years ago
• MahmoudZohdy / DLL-Obfuscation-V2
  Load Encrypted Dll Using LoadLibraryA, Keep The Dll Encrypted on disc all the time and decrypt it only in memory.
  ☆18Updated 3 years ago
• Jasper1467 / WindowsDefender_Rebuild
  An attempt at reversing WindowsDefender
  ☆20Updated 4 months ago
• XaFF-XaFF / MBR-Overwrite-with-custom-message
  Overwrite MBR and add own custom message
  ☆15Updated 4 years ago
• Codeh4ck / MemoryPEInjector
  A tool that reads a PE file from a byte array buffer and injects it into memory.
  ☆27Updated 5 years ago
• exploitblizzard / Windows-Privilege-Escalation-CVE-2021-1732
  Read my blog for more info -
  ☆32Updated 3 years ago
• mathisvickie / CVE-2021-27965
  stack based buffer overflow in MsIo64.sys, Proof of Concept Local Privilege Escalation to nt authority/system
  ☆11Updated 3 years ago
• buzzer-re / BulletTrain
  A manual PE mapping implementation, aka reflective loader
  ☆18Updated 2 years ago
• samshine / ScyllaHideDetector2
  Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes.
  ☆24Updated 5 years ago
• 0x44F / WinKit
  💻 Windows 10 Kernel-mode rootkit
  ☆31Updated 2 years ago
• ssyuqixe / obfCoder
  A simple program to obfuscate code written in cpp.
  ☆48Updated 9 months ago
• ryan-weil / Code-Cave
  Injects position-dependent code into a code cave in an executable file, and applies relocations.
  ☆21Updated last year
• iammaguire / Salient-Rootkit
  A kernel mode Windows rootkit in development.
  ☆49Updated 3 years ago
• AzAgarampur / byeintegrity-lite
  Bypass UAC by abusing shell protocol handlers
  ☆14Updated 3 years ago
• whokilleddb / A-Study-in-Obfuscation
  A Study in Obfuscation: Analyzing the effect of various techniques to bypass AV engines
  ☆41Updated 2 years ago
• 0vercl0k / inject
  Yet another Windows DLL injector.
  ☆38Updated 3 years ago
• d35ha / DumpPE
  Dump mapped PE files from memory to the disk
  ☆19Updated 5 years ago
• lem0nSec / Alcatraz
  An example of Windows self-replicating malware.
  ☆10Updated 2 years ago
• kkent030315 / anyelevate
  x64 Windows privilege elevation using anycall
  ☆21Updated 3 years ago
• tandasat / CVE-2022-25949
  A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.
  ☆37Updated 2 years ago
• AzAgarampur / byeintegrity3-uac
  Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler
  ☆28Updated 3 years ago
• namazso / PEDiffGen
  Subtract one PE file from another!
  ☆20Updated 3 years ago
• st4ckh0und / hook-buster
  A compact tool for detecting AV/EDR hooks in default Windows libraries.
  ☆31Updated 2 years ago
• worawit / malk
  Demonstrate calling a kernel function and handle process creation callback against HVCI
  ☆52Updated 2 years ago
• Lima-X / Win32.Nebula
  A packed & protected Module Loader and more, for 64-bit Windows
  ☆28Updated 3 years ago
• ekknod / SetWindowHookEx
  Using SetWindowHookEx for preinjected DLL's
  ☆57Updated 2 years ago