Alternatives and similar repositories for InstantSuspend

Users that are interested in InstantSuspend are comparing it to the libraries listed below

• EvilBytecode / Amsi-Patch-Updated-2025
  How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.
  ☆21Updated 3 months ago
• leftp / FirewallMoniker
  A C# implementation that disables Windows Firewall bypassing UAC
  ☆15Updated 9 months ago
• qwqdanchun / RainbowSheep
  Change hash for a signed pe
  ☆16Updated 2 years ago
• synacktiv / windows_kernel_shadow_stack
  Proof of concepts demonstrating some aspects of the Windows kernel shadow stack mitigation.
  ☆51Updated 2 months ago
• CyberSecurityUP / ProcessKiller-BYOVD
  BYOVD Technique Example using viragt64 driver
  ☆46Updated last year
• farinap5 / bitmap4shell
  A (quite) simple steganography algorithm to hide shellcodes within bitmap image.
  ☆21Updated last year
• wolfcod / beacondbg
  Beacon Debugger
  ☆40Updated 9 months ago
• not-matthias / vmprotect-rs
  Rust bindings for VMProtect.
  ☆26Updated last year
• trickster0 / CReadMemory
  Read Memory without ReadProcessMemory for Current Process
  ☆76Updated 3 years ago
• ig-labs / defender-mpengine-fuzzing
  Fuzzing Harness and Unpatched Crash Results from Fuzzing Defender MpEngine
  ☆29Updated last week
• hasherezade / shellc_encoder
  Standalone Metasploit-like XOR encoder for shellcode
  ☆47Updated last year
• Azvanzed / vmw-logger-rs
  A VMWare logger using built-in backdoor.
  ☆30Updated 9 months ago
• MrRoy09 / VMwhere
  LLVM based obfuscation engine
  ☆95Updated last month
• Sh3lldon / WinPWN
  This repo for Windows x32-x64 Kernel/Driver/User Mode Exploitation writeups and exploits
  ☆25Updated last year
• EvilBytecode / Eset-Unload
  Eset-Unload is a C++ tool that interacts with a process's loaded modules to identify and unload the ebehmoni.dll module, typically found …
  ☆10Updated 3 months ago
• UmaRex01 / HookSentry
  Check if your AV/EDR does inline hooking, displays the hooked functions and allows you to compare them with the original ones.
  ☆34Updated 3 months ago
• scrt / KexecDDPlus
  Exploiting the KsecDD Windows driver through Server Silos
  ☆73Updated 8 months ago
• m3rcer / IRvana
  Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution
  ☆82Updated this week
• realoriginal / bootlicker
  bootlicker: A terribly written but functioning UEFI shellcode bootkit patched into a firmware volume or boot device on the EFI partition
  ☆30Updated 5 months ago
• Cracked5pider / Rhaast
  doesnt work and wont work on it anymore
  ☆9Updated last year
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆62Updated last year
• eversinc33 / GpuDecryptShellcode
  XOR decrypting shellcode using the GPU with OpenCL.
  ☆100Updated 2 months ago
• Dor00tkit / BamExtensionTableHook
  Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…
  ☆86Updated last month
• jsacco / PPL_Bypass
  ☆11Updated 3 years ago
• oldboy21 / SWAPPALA
  In-memory hiding technique
  ☆56Updated 7 months ago
• tykawaii98 / CVE-2024-21338_PoC
  ☆39Updated last year
• WKL-Sec / StackMask
  A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.
  ☆64Updated 2 years ago
• Teach2Breach / snapinject_rs
  A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …
  ☆49Updated 6 months ago
• Kharos102 / ReadWriteDriverSample
  ☆22Updated last year
• baiyies / CrossInject
  32 bit process inject shellcode to 32 bit process and 64 bit process
  ☆35Updated 2 years ago