Alternatives and similar repositories for runasti:

Users that are interested in runasti are comparing it to the libraries listed below

• Dump-GUY / sc2pe
  Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE
  ☆65Updated last year
• Idov31 / UdpInspector
  Listing UDP connections with remote address without sniffing.
  ☆30Updated last year
• realoriginal / bootdoor
  An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot
  ☆61Updated last year
• zodiacon / VerifierDLL
  Example of building an application verifer DLL
  ☆44Updated 7 months ago
• jbaines-r7 / dellicious
  Enabled / Disable LSA Protection via BYOVD
  ☆65Updated 3 years ago
• AzAgarampur / PsForge
  Process Hollowing demonstration & explanation
  ☆34Updated 3 years ago
• hasherezade / shellc_encoder
  Standalone Metasploit-like XOR encoder for shellcode
  ☆46Updated 8 months ago
• VergiliusProject / kernels-data
  Windows kernel PDB data parsed into YAML
  ☆34Updated 2 months ago
• SECFORCE / SharpASM
  SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections a…
  ☆57Updated 2 years ago
• LethalSnake1337 / PE-Loader-exercise
  A simple PE loader.
  ☆25Updated 2 years ago
• hoangprod / DanSpecial
  Weaponizing Gigabyte driver for priv escalation and bypass PPL
  ☆68Updated 5 years ago
• hMihaiDavid / addscn
  Add an empty section to a PE file
  ☆52Updated 7 years ago
• rbmm / NtDetours
  Detours implementation (x64/x86) which used only ntdll import
  ☆89Updated 7 months ago
• TheKevinWang / UACHooker
  Reflective DLL that hooks the creation of the UAC prompt popped by explorer.exe for privilege escalation.
  ☆20Updated 3 years ago
• secana / CertDump
  Dump certificates from PE files in different formats
  ☆38Updated last year
• 7eRoM / elam
  A Practical example of ELAM (Early Launch Anti-Malware)
  ☆33Updated 3 years ago
• LloydLabs / process-enumeration-stealth
  ☆79Updated 5 months ago
• zodiacon / WMIExplorer
  ☆14Updated 5 months ago
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆43Updated 3 months ago
• loneicewolf / smbdoor
  improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys
  ☆49Updated last year
• mobdk / CloneProcess
  Clone running process with ZwCreateProcess
  ☆58Updated 4 years ago
• jonaslyk / temp
  ☆65Updated last year
• ytk2128 / api-monitor32
  A simple tool for detecting memory modifications to Windows API.
  ☆22Updated 3 weeks ago
• hidd3ncod3s / WindowsAPIhash
  Windows API Hashes used in the malwares
  ☆40Updated 9 years ago
• DanielAvinoam / TheSubZeroProject
  A multi-staged malware that contains a kernel mode rootkit and a remote system shell.
  ☆71Updated 3 years ago
• 0vercl0k / inject
  Yet another Windows DLL injector.
  ☆38Updated 3 years ago
• elastic / PPLGuard
  ☆69Updated last year
• alfarom256 / MCP-PoC
  Minifilter Callback Patching Proof-of-Concept
  ☆64Updated 2 years ago
• trickster0 / CReadMemory
  Read Memory without ReadProcessMemory for Current Process
  ☆75Updated 2 years ago
• ph4s3tw0 / GetProcAddressCaseStudies
  Six cases demonstrating methods of optimizing GetProcAddress
  ☆17Updated 3 years ago