Alternatives and similar repositories for antispy:

Users that are interested in antispy are comparing it to the libraries listed below

• ExpLife0011 / awesome-windows-kernel-security-development
  windows kernel security development
  ☆1,987Updated 2 years ago
• JKornev / hidden
  🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc
  ☆1,880Updated 2 years ago
• hfiref0x / WinObjEx64
  Windows Object Explorer 64-bit
  ☆1,714Updated last month
• AxtMueller / Windows-Kernel-Explorer
  A free but powerful Windows kernel research tool.
  ☆2,484Updated 4 months ago
• wbenny / injdrv
  proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC
  ☆1,200Updated 10 months ago
• horsicq / x64dbg-Plugin-Manager
  Plugin manager for x64dbg
  ☆836Updated this week
• HoShiMin / Kernel-Bridge
  Windows kernel hacking framework, driver template, hypervisor and API written on C++
  ☆1,701Updated last year
• 4d61726b / VirtualKD-Redux
  VirtualKD-Redux - A revival and modernization of VirtualKD
  ☆863Updated 8 months ago
• everdox / InfinityHook
  Hook system calls, context switches, page faults and more.
  ☆2,506Updated last year
• 9176324 / Shark
  Turn off PatchGuard in real time for win7 (7600) ~ later
  ☆1,003Updated 2 years ago
• mrexodia / TitanHide
  Hiding kernel-driver for x86/x64.
  ☆2,209Updated 2 weeks ago
• silverf0x / RpcView
  RpcView is a free tool to explore and decompile Microsoft RPC interfaces
  ☆956Updated last year
• hzqst / Syscall-Monitor
  Syscall Monitor is a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows7+
  ☆735Updated 7 years ago
• monoxgas / sRDI
  Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
  ☆2,231Updated last year
• hfiref0x / TDL
  Driver loader for bypassing Windows x64 Driver Signature Enforcement
  ☆1,101Updated 5 years ago
• zodiacon / AllTools
  All reasonably stable tools
  ☆1,227Updated 6 months ago
• anhkgg / SuperDllHijack
  SuperDllHijack：A general DLL hijack technology, don't need to manually export the same function interface of the DLL, so easy! 一种通用Dll劫持技…
  ☆935Updated 3 years ago
• sud01oo / ProcessInjection
  Some ways to inject a DLL into a alive process
  ☆359Updated 6 years ago
• iPower / KasperskyHook
  Hook system calls on Windows by using Kaspersky's hypervisor
  ☆1,156Updated 11 months ago
• can1357 / NoVmp
  A static devirtualizer for VMProtect x64 3.x. powered by VTIL.
  ☆1,992Updated 3 years ago
• hasherezade / dll_to_exe
  Converts a DLL into EXE
  ☆803Updated last year
• jthuraisamy / SysWhispers
  AV/EDR evasion via direct system calls.
  ☆1,845Updated 2 years ago
• tandasat / DdiMon
  Monitoring and controlling kernel API calls with stealth hook using EPT
  ☆1,221Updated 3 years ago
• swwwolf / wdbgark
  WinDBG Anti-RootKit Extension
  ☆628Updated 4 years ago
• Mattiwatti / PPLKiller
  Protected Processes Light Killer
  ☆914Updated last year
• hasherezade / tiny_tracer
  A Pin Tool for tracing API calls etc
  ☆1,392Updated last month
• zodiacon / SystemExplorer
  Windows System Explorer
  ☆848Updated 9 months ago
• M00nRise / ProcessHider
  Post-exploitation tool for hiding processes from monitoring applications
  ☆733Updated last year
• landhb / HideProcess
  A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager
  ☆663Updated 5 years ago
• theevilbit / injection
  ☆803Updated 5 years ago