Alternatives and similar repositories for BlackLotus

Users that are interested in BlackLotus are comparing it to the libraries listed below

• Idov31 / Nidhogg
  Nidhogg is an all-in-one simple to use windows kernel rootkit.
  ☆1,995Updated last month
• memN0ps / redlotus-rs
  Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus)
  ☆534Updated last year
• weak1337 / Alcatraz
  x64 binary obfuscator
  ☆1,838Updated last year
• ZeroMemoryEx / Blackout
  kill anti-malware protected processes ( BYOVD) ( Microsoft Won)
  ☆945Updated last year
• vxunderground / VX-API
  Collection of various malicious functionality to aid in malware development
  ☆1,669Updated last year
• magicsword-io / LOLDrivers
  Living Off The Land Drivers
  ☆1,190Updated 3 weeks ago
• daem0nc0re / TangledWinExec
  PoCs and tools for investigation of Windows process execution techniques
  ☆916Updated 2 months ago
• hackerhouse-opensource / iscsicpl_bypassUAC
  UAC bypass for x64 Windows 7 - 11
  ☆807Updated 2 years ago
• es3n1n / no-defender
  A slightly more fun way to disable windows defender + firewall. (through the WSC api)
  ☆1,996Updated last year
• hasherezade / exe_to_dll
  Converts a EXE into DLL
  ☆1,316Updated last month
• ZeroMemoryEx / Chaos-Rootkit
  Now You See Me, Now You Don't
  ☆945Updated 5 months ago
• XaFF-XaFF / Black-Angel-Rootkit
  Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.
  ☆642Updated last year
• lab52io / StopDefender
  Stop Windows Defender programmatically
  ☆970Updated 2 years ago
• bytecode77 / r77-rootkit
  Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
  ☆1,939Updated 2 months ago
• SafeBreach-Labs / PoolParty
  A set of fully-undetectable process injection techniques abusing Windows Thread Pools
  ☆1,117Updated last year
• Xacone / BestEdrOfTheMarket
  AV/EDR Evasion Lab for Training & Learning Purposes
  ☆1,264Updated last month
• lem0nSec / ShellGhost
  A memory-based evasion technique which makes shellcode invisible from process start to end.
  ☆1,184Updated last year
• hasherezade / tiny_tracer
  A Pin Tool for tracing API calls etc
  ☆1,442Updated this week
• b1tg / CVE-2023-38831-winrar-exploit
  CVE-2023-38831 winrar exploit generator
  ☆788Updated last year
• hasherezade / pe-bear
  Portable Executable reversing tool with a friendly GUI
  ☆3,114Updated last month
• Meckazin / ChromeKatz
  Dump cookies and credentials directly from Chrome/Edge process memory
  ☆1,210Updated 6 months ago
• SafeBreach-Labs / WindowsDowndate
  A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities
  ☆666Updated 7 months ago
• matthieu-hackwitharts / Win32_Offensive_Cheatsheet
  Win32 and Kernel abusing techniques for pentesters
  ☆954Updated last year
• XaFF-XaFF / Cronos-Rootkit
  Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.
  ☆910Updated 3 years ago
• Notselwyn / CVE-2024-1086
  Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, in…
  ☆2,369Updated last year
• Cracked5pider / Stardust
  A modern 32/64-bit position independent implant template
  ☆1,222Updated 2 months ago
• 3xpl01tc0d3r / ProcessInjection
  This program is designed to demonstrate various process injection techniques
  ☆1,148Updated last year
• SaadAhla / FilelessPELoader
  Loading Remote AES Encrypted PE in memory , Decrypted it and run it
  ☆941Updated last year
• tkmru / awesome-edr-bypass
  Awesome EDR Bypass Resources For Ethical Hacking
  ☆1,206Updated this week
• Accenture / Spartacus
  Spartacus DLL/COM Hijacking Toolkit
  ☆1,044Updated last year