Alternatives and similar repositories for basilisk:

Users that are interested in basilisk are comparing it to the libraries listed below

• xrombar / flower
  a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor
  ☆93Updated last year
• Reijaff / offensive_c
  ☆42Updated 2 years ago
• mannyfred / SentinelBruh
  Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution
  ☆42Updated 8 months ago
• ViperXSecurity / lib-nosa
  lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
  ☆106Updated 6 months ago
• silentwarble / PIC-Library
  A collection of position independent coding resources
  ☆68Updated last month
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆73Updated 2 months ago
• 0prrr / Malwear-Sweet
  Malware?
  ☆69Updated 5 months ago
• joaoviictorti / dinvk
  Dynamically invoke arbitrary code with Rust tricks, #[no_std] support, and compatibility for x64, x86, ARM64 and WoW64 (DInvoke)
  ☆57Updated this week
• eversinc33 / 1.6-C2
  Using the Counter Strike 1.6 RCON protocol as a C2 Channel.
  ☆75Updated last month
• tomiesghost / UltraEnvy
  Debug-assisted Argument Spoofing
  ☆14Updated 5 months ago
• connormcgarr / EATGuard
  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
  ☆98Updated last year
• ngn13 / shrk
  LKM rootkit for modern kernels, with DNS C2 and a simple web interface
  ☆64Updated 3 weeks ago
• eversinc33 / PSXecute
  32bit MIPS I VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator.
  ☆111Updated 3 months ago
• floesen / KExecDD
  Admin to Kernel code execution using the KSecDD driver
  ☆244Updated 11 months ago
• ColeHouston / Sunder
  Windows rootkit designed to work with BYOVD exploits
  ☆173Updated 2 months ago
• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆150Updated 4 months ago
• CarlosG13 / Process-Hypnosis-Debugger-assisted-control-flow-hijack
  ☆34Updated last year
• Cracked5pider / kaine-assembly
  a demo module for the kaine agent to execute and inject assembly modules
  ☆38Updated 7 months ago
• Danukeru / llvm-obfs-str-pass-2024
  An example of an external LLVM plugin module transform pass for the latest versions.
  ☆14Updated 4 months ago
• 3itch / icekit
  I/O Cache-As-Ram + AMD x86_64 cache line locking | Mirror of https://codeberg.org/3itch/icekit
  ☆14Updated 3 weeks ago
• zzhsec / NlsCodeInjectionThroughRegistry
  Dll injection through code page id modification in registry. Based on jonas lykk research
  ☆17Updated 2 years ago
• djolertrk / kovid-obfuscation-passes
  A set of LLVM and GCC based plugins that perform code obfuscation.
  ☆121Updated 3 weeks ago
• joaoviictorti / userdmp
  A Rust crate to parse user-mode minidump files generated on Windows
  ☆12Updated 3 weeks ago
• synacktiv / keebcap
  Win32 keylogger that supports all (non-ime using) languages correctly
  ☆49Updated last year
• maziland / StackBombing
  Next gen process injection technique
  ☆45Updated 4 years ago
• zimnyaa / insomnia
  a stage1 DLL loader with sleep obfuscation
  ☆35Updated 2 years ago
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆89Updated 2 years ago
• decoder-it / RelabelAbuse
  ☆61Updated 10 months ago
• Kudaes / Eclipse
  Activation Context Hijack
  ☆150Updated 4 months ago
• xalicex / Get-DLL-and-Function-Addresses
  GetModuleHandle (via PEB) and GetProcAddress (via EAT) like
  ☆32Updated 3 years ago