Alternatives and similar repositories for windows-kernel-programming:

Users that are interested in windows-kernel-programming are comparing it to the libraries listed below

• CyberSecurityUP / Offensive-Windows-Drivers-Development
  ☆12Updated this week
• SaltedFishBayonet / Windows-Kernel-Crypto
  Windows kernel driver encryption library, support base64, aes-256, rsa-2048 and higher, ecc-256, single file, minimal dependence, support…
  ☆21Updated 3 years ago
• rbmm / RtlClone
  ☆27Updated 6 months ago
• bluefrostsecurity / Windows-Drive-Remapping-EoP
  ☆29Updated last year
• rbmm / Hollowed-Process
  ☆26Updated 3 months ago
• lem0nSec / ASM_World
  Offensive Assembly code snippets.
  ☆12Updated last year
• rbmm / PfxViewer
  ☆11Updated 2 weeks ago
• rbmm / DirectSysCall
  ☆12Updated last year
• LethalSnake1337 / PE-Loader-exercise
  A simple PE loader.
  ☆25Updated 2 years ago
• AlSch092 / HideStaticReferences
  Research into removing strings & API call references at compile-time (Anti-Analysis)
  ☆24Updated 7 months ago
• hackerhouse-opensource / envschtasksuacbypass
  Bypass UAC elevation on Windows 8 (build 9600) & above.
  ☆54Updated 2 years ago
• EvilBytecode / Evilbytecode-Gate
  Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…
  ☆15Updated last week
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 2 years ago
• Yaxser / Itaskhandler
  Implementation of ITaskHandler in C++
  ☆13Updated last year
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆43Updated 2 years ago
• jsecurity101 / MSFT_DriverBlockList
  Repository of Microsoft Driver Block Lists based off of OS-builds
  ☆39Updated 9 months ago
• Cracked5pider / unguard-eat
  havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets
  ☆26Updated 5 months ago
• AlionGreen / apc-injection
  Process Injection: APC Injection
  ☆29Updated 4 years ago
• Flawww / NtSyscaller
  Manually perform syscalls without going through any external API or DLL.
  ☆17Updated last year
• ProcessusT / PsNotifRoutineUnloader
  This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr…
  ☆62Updated 11 months ago
• 0xMegaByte / COM-Explained
  ☆27Updated 2 years ago
• APT64 / KernelAVKiller
  Antivirus killer using ring-0 kernel driver. Antivirus processes will automatically close while the killer is running.
  ☆6Updated 2 years ago
• 7eRoM / elam
  A Practical example of ELAM (Early Launch Anti-Malware)
  ☆33Updated 3 years ago
• NUL0x4C / RecycleBinPersistence
  using the Recycle Bin to insure persistence
  ☆12Updated 2 years ago
• aaaddress1 / masqueradeCmdline
  A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.
  ☆38Updated 4 years ago
• ph4s3tw0 / GetProcAddressCaseStudies
  Six cases demonstrating methods of optimizing GetProcAddress
  ☆17Updated 3 years ago
• loneicewolf / KernelMode-Code
  2022 Updated Kernelmode-Code
  ☆31Updated 9 months ago
• GetRektBoy724 / Breaking-Detecting-Direct-Syscall-Techniques
  A repository filled with ideas to break/detect direct syscall techniques
  ☆26Updated 2 years ago