Alternatives and similar repositories for basilisk

Users that are interested in basilisk are comparing it to the libraries listed below

• eversinc33 / PSXecute
  MIPS VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator.
  ☆124Updated last year
• ViperXSecurity / lib-nosa
  lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
  ☆120Updated last year
• floesen / KExecDD
  Admin to Kernel code execution using the KSecDD driver
  ☆263Updated last year
• Idov31 / EtwLeakKernel
  Leaking kernel addresses from ETW consumers. Requires Administrator privileges.
  ☆90Updated 2 months ago
• CX330Blake / Shellcode-IDE
  Shellcode IDE — makes developing and analyzing shellcode much more convenient.
  ☆112Updated 2 months ago
• xrombar / flower
  a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor
  ☆107Updated last year
• hasherezade / thread_namecalling
  Process Injection using Thread Name
  ☆294Updated 9 months ago
• ColeHouston / Sunder
  Windows rootkit designed to work with BYOVD exploits
  ☆213Updated last year
• TheMalwareGuardian / Abyss
  Windows UEFI Bootkit
  ☆78Updated 2 months ago
• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆166Updated last year
• Kudaes / Eclipse
  Activation Context Hijack
  ☆169Updated 5 months ago
• janoglezcampos / llvm-yx-callobfuscator
  LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
  ☆320Updated 2 years ago
• 0xflux / Hells-Hollow
  Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls
  ☆209Updated 5 months ago
• vmsplit / icekit
  I/O Cache-As-Ram + AMD x86_64 cache line locking | Mirror of https://codeberg.org/3itch/icekit
  ☆18Updated 10 months ago
• 0xHossam / KernelCallbackTable-Injection-PoC
  Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…
  ☆268Updated last year
• silentwarble / PIC-Library
  A collection of position independent coding resources
  ☆106Updated 2 months ago
• Archie-osu / PowerHook
  Hooking KPRCB IdlePreselect function to gain execution inside PID 0.
  ☆73Updated 9 months ago
• TheMalwareGuardian / Bootkits-Rootkits-Development-Environment
  Automated environment setup for Bootkit & Rootkit development.
  ☆35Updated 5 months ago
• r0keb / TrashFormer
  A 64 bit executable junk code engine for polymorphic malware.
  ☆75Updated 7 months ago
• symeonp / Lenovo-CVE-2025-8061
  PoC for popping a system shell against the LnvMSRIO.sys driver
  ☆117Updated 3 months ago
• badhive / stitch
  Rewrite and obfuscate code in compiled binaries
  ☆273Updated last month
• connormcgarr / Vtl1Mon
  Virtual Trust Level (VTL 1) secure call tracing
  ☆86Updated 5 months ago
• GB102 / VirtualEXploiter
  VFGadget locator to facilitate Counterfeit Object-Oriented Programming (COOP) and Loop-Oriented Programming (LOP) attacks to bypass advan…
  ☆23Updated 10 months ago
• sensepost / pipetap
  A Windows Named Pipe Multi-tool / Proxy
  ☆283Updated last month
• vmsplit / checkm8
  bypassing intel txt's tboot integrity checks via coreboot shim
  ☆82Updated 10 months ago
• joaoviictorti / dinvk
  Dynamically invoke arbitrary code in Rust (Dinvoke)
  ☆100Updated 2 months ago
• tijme / dittobytes
  Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE.
  ☆592Updated 2 weeks ago
• klezVirus / DriverJack
  Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths
  ☆358Updated last year
• JanielDary / ImmoralFiber
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆280Updated last year
• namazso / dll-universal-patcher
  A universal binary patching dll.
  ☆116Updated last year