Alternatives and similar repositories for BlackLotus

Users that are interested in BlackLotus are comparing it to the libraries listed below

• vxunderground / VX-API
  Collection of various malicious functionality to aid in malware development
  ☆1,840Updated last year
• Idov31 / Nidhogg
  Nidhogg is an all-in-one simple to use windows kernel rootkit.
  ☆2,199Updated last week
• weak1337 / Alcatraz
  x64 binary obfuscator
  ☆1,957Updated 2 years ago
• memN0ps / redlotus-rs
  Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus)
  ☆562Updated 2 years ago
• ZeroMemoryEx / Chaos-Rootkit
  Now You See Me, Now You Don't
  ☆1,025Updated 2 weeks ago
• XaFF-XaFF / Black-Angel-Rootkit
  Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.
  ☆671Updated 2 years ago
• magicsword-io / LOLDrivers
  Living Off The Land Drivers
  ☆1,386Updated this week
• ZeroMemoryEx / Blackout
  kill anti-malware protected processes ( BYOVD )
  ☆970Updated 2 years ago
• Xacone / BestEdrOfTheMarket
  EDR Lab for Experimentation Purposes
  ☆1,409Updated 2 weeks ago
• XaFF-XaFF / Cronos-Rootkit
  Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.
  ☆933Updated 3 years ago
• matthieu-hackwitharts / Win32_Offensive_Cheatsheet
  Win32 and Kernel abusing techniques for pentesters
  ☆972Updated 2 years ago
• bytecode77 / r77-rootkit
  Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
  ☆2,085Updated this week
• indetectables-net / toolkit
  The essential toolkit for reversing, malware analysis, and cracking
  ☆968Updated 8 months ago
• SafeBreach-Labs / PoolParty
  A set of fully-undetectable process injection techniques abusing Windows Thread Pools
  ☆1,243Updated 2 years ago
• SafeBreach-Labs / WindowsDowndate
  A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities
  ☆696Updated last year
• vxunderground / VXUG-Papers
  Research code & papers from members of vx-underground.
  ☆1,351Updated 4 years ago
• lem0nSec / ShellGhost
  A memory-based evasion technique which makes shellcode invisible from process start to end.
  ☆1,198Updated 2 years ago
• tkmru / awesome-edr-bypass
  Awesome EDR Bypass Resources For Ethical Hacking
  ☆1,470Updated 2 weeks ago
• hasherezade / tiny_tracer
  A Pin Tool for tracing API calls etc
  ☆1,612Updated 2 months ago
• joaoviictorti / shadow
  Windows Kernel Rootkit in Rust
  ☆678Updated 4 months ago
• am0nsec / HellsGate
  Original C Implementation of the Hell's Gate VX Technique
  ☆1,159Updated 4 years ago
• matro7sh / BypassAV
  This map lists the essential techniques to bypass anti-virus and EDR
  ☆3,142Updated 10 months ago
• es3n1n / no-defender
  A slightly more fun way to disable windows defender + firewall. (through the WSC api)
  ☆2,045Updated last year
• vitoplantamura / BugChecker
  SoftICE-like kernel debugger for Windows 11
  ☆1,009Updated 2 years ago
• Cracked5pider / Stardust
  A modern 32/64-bit position independent implant template
  ☆1,294Updated 10 months ago
• fr0gger / Awesome_Malware_Techniques
  This is a repository of resource about Malware techniques
  ☆822Updated 2 years ago
• Wack0 / CVE-2022-21894
  baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability
  ☆348Updated 2 years ago
• bytecode77 / living-off-the-land
  Fileless attack with persistence
  ☆370Updated 7 months ago
• ZeroMemoryEx / Terminator
  Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
  ☆1,040Updated 2 years ago
• kernelwernel / VMAware
  Advanced VM detection library and tool
  ☆1,015Updated last week