Alternatives and similar repositories for uefi-rootkit:

Users that are interested in uefi-rootkit are comparing it to the libraries listed below

• xsh3llsh0ck / ResilienceKit
  Another UEFI runtime bootkit
  ☆29Updated last year
• pRain1337 / Hermes
  SMM UEFI module and client for UMD privilege escalation
  ☆37Updated last year
• xsh3llsh0ck / MilkBox
  Tool to dump EFI runtime drivers.
  ☆35Updated last year
• brew02 / BudgetEPT
  Create stealthy, inline, EPT-like hooks using SMAP and SMEP
  ☆36Updated 5 months ago
• senko37 / drvload-bootkit
  EFI bootkit for loading unsigned drivers
  ☆17Updated 9 months ago
• Sinclairq / tp-emulator
  A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe
  ☆71Updated last year
• backengineering / Voyager
  A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)
  ☆54Updated last year
• ekknod / efi-monitor
  just proof of concept. hooking MmCopyMemory PG safe.
  ☆68Updated last year
• GetRektBoy724 / KPDB
  Windows PDB parser for kernel-mode environment.
  ☆95Updated 2 years ago
• SamuelTulach / HookGuard
  Hooking Windows' exception dispatcher to protect process's PML4
  ☆158Updated 2 months ago
• x0reaxeax / rwlazer64
  Win64 UEFI Driver-based tool for unrestricted memory R/W
  ☆28Updated 3 years ago
• synctop / tpm-mmio
  Using MMIO (Memory-Mapped I/O) to read TPM 2.0 public Endorsement Key.
  ☆42Updated 10 months ago
• xsh3llsh0ck / Deadwing
  SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.
  ☆82Updated 5 months ago
• donnaskiez / nmi
  nmi stackwalking + module verification
  ☆107Updated last year
• BeneficialCode / KReClassEx
  Kernel ReClassEx
  ☆65Updated last year
• shaygitub / windows-rootkit
  windows rootkit
  ☆58Updated 10 months ago
• gmh5225 / ida-find-.data-ptr
  A simple ida python script to find .data ptr
  ☆50Updated last year
• 4l3x777 / dse_pg_bypass
  DSE & PG bypass via BYOVD attack
  ☆44Updated 11 months ago
• zer0condition / Demystifying-PatchGuard
  Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…
  ☆119Updated last year
• Oliver-1-1 / SmmInfect
  ☆163Updated last week
• 3itch / checkm8
  bypassing intel txt's tboot integrity checks via coreboot shim
  ☆64Updated 2 weeks ago
• jonomango / nohv
  Kernel driver for detecting Intel VT-x hypervisors.
  ☆178Updated last year
• li4321 / baker
  ☆29Updated 2 months ago
• ekknod / SubGetVariable
  Old project (2020) reformed. Modifies gRT->GetVariable sub function from EFI_APPLICATION. Tested on Win10 22H2 (AMD).
  ☆50Updated last year
• therealdreg / ida_vmware_windows_gdb
  Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)
  ☆63Updated last year
• irql / nokd
  reverse engineering of the windows nt kernel debugger protocol & reimplementation.
  ☆23Updated 8 months ago
• kkent030315 / anyvtop
  x64 Windows implementation of virtual-address to physical-address translation
  ☆40Updated 3 years ago
• jonomango / chum
  Binary rewriter for 64-bit PE files.
  ☆70Updated last year
• TheDuchy / rdtsc-cpuid-vm-check
  PoC that measures how long it takes the CPU to execute the CPUID instruction and reports if it suspects a VM. Works on both Windows and L…
  ☆25Updated 4 years ago
• armvirus / VanguardTrace
  Decrypting and intercepting encrypted imports of Vanguards Kernel Driver
  ☆25Updated last year