Alternatives and similar repositories for CTHD:

Users that are interested in CTHD are comparing it to the libraries listed below

• rbapat / KernelInjector
  Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected
  ☆36Updated 6 years ago
• zer0condition / CritBSOD
  Abusing RtlAdjustPrivilege and NtSetInformationProcess to cause a BSOD from usermode
  ☆17Updated 2 years ago
• boom-cr3 / NotifyRoutineHijackThread
  Hijack NotifyRoutine for a kernelmode thread
  ☆41Updated 2 years ago
• Oliver-1-1 / NMI
  ☆13Updated 11 months ago
• ekknod / SetWindowHookEx
  Using SetWindowHookEx for preinjected DLL's
  ☆59Updated 2 years ago
• Midi12 / drv-loader
  Simple driver loader for windows
  ☆17Updated 4 years ago
• armvirus / DriverDllFInder
  search for a driver/dll module that has a wanted section bigger than the size of your image
  ☆19Updated 3 years ago
• Sentient111 / StealingSignatures
  Stealing signatures from pe files
  ☆17Updated 3 weeks ago
• Lima-X / Win32.Nebula
  A packed & protected Module Loader and more, for 64-bit Windows
  ☆29Updated 4 years ago
• muturikaranja / disable-threat-tracing
  Disable threat tracing from the kernel..
  ☆13Updated 3 years ago
• XShar / Super_Hide_String
  Скрытие строки от отладчиков и декомпиляторов
  ☆50Updated 5 years ago
• zompi2 / Variables-obfuscator
  Simple memory obfuscator.
  ☆24Updated 2 years ago
• KANKOSHEV / Detect-MouseClassServiceCallback
  mouseclassservicecallback detection via hook
  ☆50Updated 3 years ago
• serbx / KernelVtableFunctionHook
  ☆17Updated 2 years ago
• Rycooop / Callback-Registration
  Register a callback from a Manually mapped kernel module
  ☆16Updated 3 years ago
• lennyRBLX / injection
  A resource for thread hijacking and manual mapping code, that works with MEM_MAPPED & MEM_IMAGE.
  ☆26Updated 4 years ago
• ekknod / Nmi
  Old way for blocking NMI interrupts
  ☆26Updated 2 years ago
• weak1337 / BEShellcodeDumper
  ☆42Updated 3 years ago
• 0xUINTBEEF / krn-rw-ioctl
  simple driver to read and write
  ☆18Updated last week
• gmh5225 / FakeEnclave
  A poc that abuses Enclave
  ☆38Updated 2 years ago
• oxiKKK / iat-dump
  A dumper for all the imports stored within a Windows PE (portable executable).
  ☆15Updated 3 years ago
• weak1337 / CEDetector
  ☆46Updated 3 years ago
• gmh5225 / HideDriverTesting
  Only for Stress-Testing
  ☆24Updated 3 years ago
• 0xGREG / registry-callbacks
  UM-KM Communication using registry callbacks
  ☆39Updated 4 years ago
• EBalloon / MapPage
  Mapping your code on a 0x1000 size page
  ☆72Updated 2 years ago
• nelfo / PGHooker
  PAGE_GUARD based hooking library
  ☆43Updated 2 years ago
• kkent030315 / kernel_callbacks
  Bypasses for Windows kernel callbacks PatchGuard protection
  ☆43Updated 3 years ago
• android1337 / crystr
  Compile-Time Strings and Numbers Encryption for C++20
  ☆43Updated 2 months ago
• KiFilterFiberContext / BadlionLogger
  kernel driver used to monitor the activity of BadlionAnticheat.sys by patching its IAT
  ☆33Updated 3 years ago
• Azvanzed / vilspy
  a simple obfuscator
  Updated last year