Alternatives and similar repositories for Nemesis

Users that are interested in Nemesis are comparing it to the libraries listed below

• ekknod / sumap
  manually map driver for a signed driver memory space
  ☆157Updated 4 years ago
• BadPlayer555 / KernelGDIDraw
  The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.
  ☆295Updated 5 years ago
• M-r-J-o-h-n / SWH-Injector
  An Injector that can inject dll into game process protected by anti cheat using SetWindowsHookEx.
  ☆244Updated 6 years ago
• not-wlan / drvmap
  driver mapper / capcom wrapper
  ☆220Updated 5 years ago
• lennyRBLX / readwrite-kernel-stable
  a more stable & secure read/write virtual memory for kernel mode drivers
  ☆164Updated 5 years ago
• notscimmy / pplib
  Elevate a process to be a protected process
  ☆150Updated 5 years ago
• btbd / modmap
  Module extending manual mapper
  ☆335Updated 5 years ago
• vmcall / owned_alignment
  Hooking kernel functions by abusing alignment
  ☆241Updated 4 years ago
• ContionMig / LSASS-Usermode-Bypass
  This bypass is for anti cheats like battleye and EAC. All this does is abuse lsass's handles and use them for yourself. This is quite use…
  ☆108Updated 4 years ago
• 0x1-1 / Battleye-VAC-EAC-Kernel-Bypass
  Kernel mode bypass for BattlEye, EAC
  ☆189Updated last year
• ch4ncellor / EAC-Reversal
  09/2021 reversal of EasyAntiCheat driver
  ☆216Updated 3 years ago
• charliewolfe / Stealthy-Kernelmode-Injector
  Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…
  ☆326Updated 3 years ago
• pTerrance / full-kernel-driver
  ☆144Updated 4 years ago
• mq1n / EasyRing0
  Windows kernel samples
  ☆249Updated 6 years ago
• not-wlan / driver-hijack
  ☆153Updated 5 years ago
• rogerxiii / kernel-codecave-poc
  Proof of concept on how to bypass some limitations of a manual mapped driver
  ☆171Updated 4 years ago
• waryas / UMPMLib
  A library to manipulate physical memory from usermode.
  ☆294Updated last year
• DragonQuestHero / Kernel_Inject
  Kernel Inject DLL
  ☆345Updated 2 years ago
• danielkrupinski / x86RetSpoof
  Invoke functions with a spoofed return address. For 32-bit Windows binaries. Supports __fastcall, __thiscall, __stdcall and __cdecl calli…
  ☆175Updated 2 years ago
• mq1n / DLLThreadInjectionDetector
  ☆167Updated 7 years ago
• VollRagm / lpmapper
  A mapper that maps shellcode into loaded large page drivers
  ☆280Updated 3 years ago
• es3n1n / be-shellcode-tester
  BattlEye shellcodes tester
  ☆145Updated 3 years ago
• waryas / KACE
  Emulate Drivers in RING3 with self context mapping or unicorn
  ☆338Updated 2 years ago
• Rat431 / ColdHide_V2
  A mini anti-anti debug hooking library for Windows.
  ☆106Updated 4 years ago
• sondernextdoor / Poseidon
  Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device o…
  ☆376Updated last year
• armvirus / CosMapper
  Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.
  ☆339Updated 3 years ago
• kkent030315 / anycall
  x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration
  ☆322Updated 2 years ago
• hoangprod / LeoSpecial-VEH-Hook
  Vectored Exception Handling Hooking Class
  ☆158Updated 6 years ago
• kkent030315 / anymapper
  x64 Windows kernel driver mapper, inject unsigned driver using anycall
  ☆159Updated last year
• thesecretclub / callout-poc
  ☆143Updated 4 years ago