Alternatives and similar repositories for dolos

Users that are interested in dolos are comparing it to the libraries listed below

• ZeroMemoryEx / URootkit
  simple user-mode Rootkit
  ☆107Updated 3 years ago
• 3intermute / ramiel
  uefi diskless persistence technique + OVMF secureboot bypass
  ☆94Updated last year
• MahmoudZohdy / Process-Injection-Techniques
  Various Process Injection Techniques
  ☆161Updated 3 years ago
• floesen / KExecDD
  Admin to Kernel code execution using the KSecDD driver
  ☆260Updated last year
• frank2 / packer-tutorial
  A tutorial on how to write a packer for Windows!
  ☆298Updated 2 years ago
• fcccode / Vx-Engines
  Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware
  ☆30Updated 6 years ago
• CaledoniaProject / drivers-binaries
  Exploitable drivers, you know what I mean
  ☆154Updated last month
• rad9800 / WTSRM
  WTSRM
  ☆216Updated 3 years ago
• TheMalwareGuardian / Abismo
  [ARCHIVED] Early work on Abyss (Windows UEFI Bootkit).
  ☆44Updated 4 months ago
• hasherezade / thread_namecalling
  Process Injection using Thread Name
  ☆284Updated 8 months ago
• Idov31 / Jormungandr
  Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
  ☆242Updated 2 years ago
• rad9800 / misc
  miscellaneous scripts and programs
  ☆270Updated 10 months ago
• zer0condition / ZeroThreadKernel
  Recursive and arbitrary code execution at kernel-level without a system thread creation
  ☆157Updated 2 years ago
• hasherezade / masm_shc
  A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.
  ☆184Updated 7 months ago
• GetRektBoy724 / DCMB
  Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!
  ☆241Updated last year
• WithSecureLabs / CallStackSpoofer
  A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)
  ☆542Updated 8 months ago
• rad9800 / hwbp4mw
  ☆268Updated 2 years ago
• janoglezcampos / llvm-yx-callobfuscator
  LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
  ☆316Updated last year
• lil-skelly / basilisk
  ☆14Updated 8 months ago
• XaFF-XaFF / Kernel-Process-Hollowing
  Windows x64 kernel mode rootkit process hollowing POC.
  ☆189Updated 2 years ago
• am0nsec / vx
  Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposed.
  ☆191Updated 4 months ago
• c0de90e7 / GhostWriting
  GhostWriting Injection Technique.
  ☆185Updated 7 years ago
• klezVirus / DriverJack
  Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths
  ☆357Updated last year
• TheMalwareGuardian / Awesome-Bootkits-Rootkits-Development
  A curated compilation of extensive resources dedicated to bootkit and rootkit development.
  ☆158Updated 4 months ago
• ViperXSecurity / lib-nosa
  lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
  ☆118Updated last year
• symeonp / Lenovo-CVE-2025-8061
  PoC for popping a system shell against the LnvMSRIO.sys driver
  ☆116Updated 2 months ago
• LloydLabs / ntqueueapcthreadex-ntdll-gadget-injection
  This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret …
  ☆259Updated 2 years ago
• xalicex / Get-DLL-and-Function-Addresses
  GetModuleHandle (via PEB) and GetProcAddress (via EAT) like
  ☆32Updated 3 years ago
• adamhlt / Process-Hollowing
  Process Hollowing in C++ (x86 / x64) - Process PE image replacement
  ☆172Updated 2 years ago
• eversinc33 / unKover
  Anti-Rootkit/Anti-Cheat Driver to uncover unbacked or hidden kernel code.
  ☆246Updated last week