Alternatives and similar repositories for dolos

Users that are interested in dolos are comparing it to the libraries listed below

• ZeroMemoryEx / URootkit
  simple user-mode Rootkit
  ☆108Updated 3 years ago
• MahmoudZohdy / Process-Injection-Techniques
  Various Process Injection Techniques
  ☆163Updated 3 years ago
• rad9800 / hwbp4mw
  ☆274Updated 3 years ago
• rad9800 / WTSRM
  WTSRM
  ☆216Updated 3 years ago
• frank2 / packer-tutorial
  A tutorial on how to write a packer for Windows!
  ☆308Updated 2 years ago
• hasherezade / thread_namecalling
  Process Injection using Thread Name
  ☆297Updated 9 months ago
• 3intermute / ramiel
  uefi diskless persistence technique + OVMF secureboot bypass
  ☆95Updated last year
• floesen / KExecDD
  Admin to Kernel code execution using the KSecDD driver
  ☆264Updated last year
• WithSecureLabs / CallStackSpoofer
  A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)
  ☆549Updated 10 months ago
• VirtualAlllocEx / Direct-Syscalls-vs-Indirect-Syscalls
  The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
  ☆225Updated 2 years ago
• hasherezade / masm_shc
  A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.
  ☆188Updated 9 months ago
• rad9800 / misc
  miscellaneous scripts and programs
  ☆274Updated last year
• janoglezcampos / llvm-yx-callobfuscator
  LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
  ☆321Updated 2 years ago
• pard0p / CallstackSpoofingPOC
  C++ self-Injecting dropper based on various EDR evasion techniques.
  ☆425Updated 2 years ago
• bytecode77 / living-off-the-land
  Fileless attack with persistence
  ☆370Updated 7 months ago
• LloydLabs / ntqueueapcthreadex-ntdll-gadget-injection
  This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret …
  ☆260Updated 2 years ago
• GetRektBoy724 / DCMB
  Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!
  ☆246Updated last year
• xalicex / Get-DLL-and-Function-Addresses
  GetModuleHandle (via PEB) and GetProcAddress (via EAT) like
  ☆32Updated 4 years ago
• c0de90e7 / GhostWriting
  GhostWriting Injection Technique.
  ☆191Updated 7 years ago
• Kudaes / Unwinder
  Call stack spoofing for Rust
  ☆355Updated last year
• Nordgaren / stealth-win
  ☆48Updated 2 years ago
• Idov31 / Jormungandr
  Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
  ☆243Updated 2 years ago
• janoglezcampos / rust_syscalls
  Single stub direct and indirect syscalling with runtime SSN resolving for windows.
  ☆230Updated 2 years ago
• am0nsec / vx
  Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposed.
  ☆192Updated 6 months ago
• klezVirus / DriverJack
  Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths
  ☆358Updated last year
• Kudaes / Fiber
  Using fibers to run in-memory code.
  ☆240Updated 2 years ago
• fcccode / Vx-Engines
  Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware
  ☆30Updated 6 years ago
• CaledoniaProject / drivers-binaries
  Exploitable drivers, you know what I mean
  ☆153Updated 2 months ago
• memN0ps / venom-rs
  Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)
  ☆360Updated last year
• Cracked5pider / conti_locker
  Conti Locker source code
  ☆198Updated 3 years ago