Alternatives and similar repositories for basilisk

Users that are interested in basilisk are comparing it to the libraries listed below

• ViperXSecurity / lib-nosa
  lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
  ☆119Updated last year
• eversinc33 / PSXecute
  MIPS VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator.
  ☆123Updated last year
• Idov31 / EtwLeakKernel
  Leaking kernel addresses from ETW consumers. Requires Administrator privileges.
  ☆89Updated 2 months ago
• floesen / KExecDD
  Admin to Kernel code execution using the KSecDD driver
  ☆258Updated last year
• Archie-osu / PowerHook
  Hooking KPRCB IdlePreselect function to gain execution inside PID 0.
  ☆73Updated 8 months ago
• CX330Blake / Shellcode-IDE
  Shellcode IDE — makes developing and analyzing shellcode much more convenient.
  ☆108Updated last month
• r0keb / TrashFormer
  A 64 bit executable junk code engine for polymorphic malware.
  ☆74Updated 6 months ago
• xrombar / flower
  a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor
  ☆106Updated last year
• ColeHouston / Sunder
  Windows rootkit designed to work with BYOVD exploits
  ☆211Updated 11 months ago
• hasherezade / thread_namecalling
  Process Injection using Thread Name
  ☆290Updated 8 months ago
• janoglezcampos / llvm-yx-callobfuscator
  LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
  ☆316Updated last year
• 0xflux / Hells-Hollow
  Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls
  ☆205Updated 4 months ago
• mrexodia / RiscyWorkshop
  Payload Obfuscation for Red Teams workshop materials
  ☆78Updated last month
• vmsplit / icekit
  I/O Cache-As-Ram + AMD x86_64 cache line locking | Mirror of https://codeberg.org/3itch/icekit
  ☆18Updated 10 months ago
• TheMalwareGuardian / Abyss
  Windows UEFI Bootkit
  ☆72Updated last month
• connormcgarr / Vtl1Mon
  Virtual Trust Level (VTL 1) secure call tracing
  ☆84Updated 4 months ago
• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆167Updated last year
• Kudaes / Eclipse
  Activation Context Hijack
  ☆168Updated 5 months ago
• TheMalwareGuardian / Awesome-Bootkits-Rootkits-Development
  A curated compilation of extensive resources dedicated to bootkit and rootkit development.
  ☆171Updated 5 months ago
• 0xHossam / KernelCallbackTable-Injection-PoC
  Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…
  ☆265Updated last year
• rad9800 / talks
  ☆60Updated 8 months ago
• XaFF-XaFF / Kernel-Process-Hollowing
  Windows x64 kernel mode rootkit process hollowing POC.
  ☆189Updated 2 years ago
• symeonp / Lenovo-CVE-2025-8061
  PoC for popping a system shell against the LnvMSRIO.sys driver
  ☆117Updated 3 months ago
• badhive / stitch
  Rewrite and obfuscate code in compiled binaries
  ☆273Updated 3 weeks ago
• CarlosG13 / Process-Hypnosis-Debugger-assisted-control-flow-hijack
  ☆41Updated last year
• MatheuZSecurity / Rootkit
  Collection of codes focused on Linux rootkits
  ☆192Updated 2 months ago
• tijme / relocatable
  Boilerplate to develop raw and truly Position Independent Code (PIC).
  ☆114Updated 11 months ago
• silentwarble / PIC-Library
  A collection of position independent coding resources
  ☆105Updated last month
• rad9800 / hwbp4mw
  ☆269Updated 2 years ago
• woldann / NThread
  Stealthy x64 thread manipulation library for calling functions inside target processes without creating remote threads or installing hook…
  ☆58Updated 3 months ago