Alternatives and similar repositories for hide-and-seek:

Users that are interested in hide-and-seek are comparing it to the libraries listed below

• AzAgarampur / PsForge
  Process Hollowing demonstration & explanation
  ☆33Updated 3 years ago
• xenoscr / manual-syscall-detect
  A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks.
  ☆106Updated 2 years ago
• AzAgarampur / byeintegrity3-uac
  Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler
  ☆27Updated 3 years ago
• DanielAvinoam / TheSubZeroProject
  A multi-staged malware that contains a kernel mode rootkit and a remote system shell.
  ☆71Updated 3 years ago
• AzAgarampur / byeintegrity5-uac
  Bypass UAC at any level by abusing the Task Scheduler and environment variables
  ☆30Updated 3 years ago
• mrexodia / lolbin-poc
  Small PoC of using a Microsoft signed executable as a lolbin.
  ☆133Updated last year
• veil-ivy / kapc_injector
  kernel to user mode APC injector
  ☆44Updated 2 years ago
• idiotc4t / Mapping-injection
  NO WriteProcessMemory CreateRemoteThread APIs call shellcode injection
  ☆27Updated 4 years ago
• connormcgarr / Kernel-Escalation-of-Privileges-Payloads
  NT AUTHORITY\SYSTEM
  ☆38Updated 4 years ago
• elddy / Windows-NTAPI-Injector
  Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses
  ☆40Updated 4 years ago
• fcccode / Vx-Engines
  Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware
  ☆25Updated 5 years ago
• ZeroMemoryEx / Hooks_Hunter
  Detect API Hooks
  ☆72Updated 2 years ago
• XaFF-XaFF / Shellcodev
  Shellcodev is a tool designed to help and automate the process of shellcode creation.
  ☆104Updated last year
• uvbs / NT-APC-Injector
  APC DLL Injector with NtQueueApcThread and wake up thread support
  ☆45Updated 7 years ago
• SaulBerrenson / WinApiObfuscator
  Header only library for obfuscation import winapi functions.
  ☆32Updated 3 years ago
• alfarom256 / drivers_and_shit
  ☆58Updated 2 years ago
• HFaeiro / Lialis
  Rebuild of the original Remote Admin Tool
  ☆9Updated 4 years ago
• PaulNorman01 / Dynamizer
  Reduce Dynamic Analysis Detection Rates With Built-In Unhooker, Anti Analysis Techniques, And String Obfuscator Modules.
  ☆18Updated 2 years ago
• hoangprod / DanSpecial
  Weaponizing Gigabyte driver for priv escalation and bypass PPL
  ☆68Updated 5 years ago
• SamLarenN / PePacker
  Simple PE Packer Which Encrypts .text Section
  ☆49Updated 7 years ago
• XaFF-XaFF / ZwProcessHollowing
  ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
  ☆80Updated last year
• cocomelonc / 2022-06-05-malware-av-evasion-7
  Malware AV evasion via disable Windows Defender (Registry). C++
  ☆35Updated 2 years ago
• NATsCodes / ProcessHollowing
  Process Hollowing POC in CPP
  ☆15Updated 4 years ago
• knight0x07 / BumbleCrypt
  A Bumblebee-inspired Crypter
  ☆80Updated 2 years ago
• ethereal-vx / Persistence
  Recreating and reviewing the Windows persistence methods
  ☆39Updated 3 years ago
• rbmm / NtDetours
  Detours implementation (x64/x86) which used only ntdll import
  ☆89Updated 7 months ago
• 1hAck-0 / zeroimport
  ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…
  ☆49Updated last year
• uf0o / windows-ps-callbacks-experiments
  Files for http://blog.deniable.org/posts/windows-callbacks/
  ☆69Updated 2 years ago