Alternatives and similar repositories for Beholder-Win32

Users that are interested in Beholder-Win32 are comparing it to the libraries listed below

• johnsonjason / Remote-Thread-Executor
  Code injection by hijacking threads in Windows 32-bit applications
  ☆43Updated 6 years ago
• Rat431 / ColdHide
  (DEPRECATED) A simple anti-anti debug library for Windows
  ☆29Updated 5 years ago
• d366 / DarkMMap
  Manual PE image mapper
  ☆65Updated 12 years ago
• mq1n / HandleHijack
  Windows handle stealing POC with NtDuplicateObject
  ☆40Updated 8 years ago
• Cr4sh / PTBypass-PoC
  Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.
  ☆79Updated 14 years ago
• Gbps / CapcomLib
  A reflexive driver loader to bypass Windows DSE (featuring a custom PE loader)
  ☆42Updated 6 years ago
• h4xu3lyn / FuckPg
  Analysing and defeating PatchGuard universally
  ☆35Updated 4 years ago
• r1cky33 / winforms-gui-loader
  driver interface with dll-injection capabilities
  ☆29Updated 4 years ago
• adrianyy / memorylib
  Remote memory library in C++17.
  ☆31Updated 7 years ago
• GitMirar / DriverLoader
  Small tool which loads Windows drivers with NtLoadDriver
  ☆44Updated 4 years ago
• Biswa96 / PDBDownloader
  Standalone program to download PDB Symbol files for debugging without WDK
  ☆79Updated 6 years ago
• Synestraa / Highcall-Library
  usermode standalone kernel interface
  ☆111Updated 7 years ago
• Rat431 / ColdKernel_KUSER
  A simple kernel mode driver that hooks some values at the KUSER_SHARED_DATA structure.
  ☆26Updated 5 years ago
• cxxrev0to1dev / nb_obfuscator
  win32/x64 obfuscate framework
  ☆32Updated 6 years ago
• Zer0Mem0ry / WindowsNT-Handle-Scanner
  A simple program to scan for open handles in a process.
  ☆61Updated 8 years ago
• moukayz / KernelDriverDemo
  ☆24Updated 6 years ago
• gigabitwize / dank
  Driver Loader/BE Bypass/Win Malware(lol)
  ☆34Updated 6 years ago
• alexvogt91 / NetDriver
  kernel-mode TDI client which can send and receive HTTP requests
  ☆55Updated 7 years ago
• NtRaiseHardError / Dreadnought
  PoC for detecting and dumping code injection (built and extended on UnRunPE)
  ☆57Updated 6 years ago
• anzelesnik / MySyscall
  Example of hijacking system calls via function pointer tables
  ☆31Updated 4 years ago
• SamLarenN / PSC-Engine
  Polymorphic Stub Creator
  ☆34Updated 8 years ago
• ajkhoury / RemoteCode-Kernel
  Simple code generation library developed in C intended for code generation in Kernel mode
  ☆17Updated 2 years ago
• rbapat / KernelInjector
  Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected
  ☆36Updated 6 years ago
• yardenshafir / DpcWait
  Driver demonstrating how to register a DPC to asynchronously wait on an object
  ☆49Updated 4 years ago
• mq1n / hSonic
  New handle stealing technique for windows apps
  ☆13Updated 7 years ago
• lldre / handle_exploration
  Figuring out the cause of a handle downgrade
  ☆24Updated 2 years ago
• can1357 / safe_capcom
  Capcom wrapper with safety in mind.
  ☆82Updated 7 years ago
• SLAUC91 / DLLHiding
  Hiding x32/x64 Modules/DLLs using PEB
  ☆61Updated 10 years ago
• thereals0beit / RemoteFunctions
  LoadLibrary, GetModuleHandle and GetProcAddress calls for remote processes
  ☆22Updated 10 years ago
• IgorKorkin / HypervisorsDetection
  This is the first software system, which can detect a stealthy hypervisor and calculate several nested ones even under countermeasures.
  ☆84Updated 10 years ago