Alternatives and similar repositories for HiveSwarming

Users that are interested in HiveSwarming are comparing it to the libraries listed below

• Fleex255 / CustomShim
  Example/starter code for custom Windows application compatibility shims
  ☆33Updated 4 years ago
• dr-anoroc / rawccopy
  Command line utility for copying files on NTFS using low level disk access
  ☆34Updated last year
• m417z / minhook-detours
  A hooking library with a MinHook-like API and a Detours-like implementation, with support for the x86, x64, and ARM64 platforms
  ☆19Updated 2 weeks ago
• secana / CertDump
  Dump certificates from PE files in different formats
  ☆38Updated last year
• 3dnow / NtCreateLowBoxToken
  A fully compatible replacement of Windows NT NtCreateLowBoxToken syscall - precisely restored from reverse engineering
  ☆36Updated 4 months ago
• ASkyeye / CVE-2018-19320
  Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)
  ☆20Updated 5 years ago
• KiFilterFiberContext / windows-software-policy
  Research on obfuscated licensing APIs / CLIP service in the Windows kernel
  ☆111Updated 2 years ago
• keowu / InstrumentationCallbackToolKit
  A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using Instrumentation…
  ☆28Updated last year
• jbaines-r7 / dellicious
  Enabled / Disable LSA Protection via BYOVD
  ☆68Updated 3 years ago
• rbmm / remap
  break link between dll and it file on disk
  ☆11Updated 8 months ago
• DownWithUp / WarbirdExamples
  An example of how to use Microsoft Windows Warbird technology
  ☆28Updated 2 years ago
• therealdreg / Win.Cerdalux
  WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs
  ☆18Updated last year
• Wack0 / SecureBootPolicyTools
  Take back control of Windows Code Integrity, no exploits or patching required! Requires that you control your own Platform Key (PK).
  ☆44Updated 2 years ago
• m417z / thread-call-stack-scanner
  Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…
  ☆76Updated last week
• nccgroup / mimikatz-detector-condrv
  The Console Monitor Driver is a KMDF kernel-mode filter driver that captures certain Fast I/O operations (input and output) that is sent …
  ☆39Updated 2 years ago
• hfiref0x / AsIo3Unlock
  ASUSTeK AsIO3 I/O driver unlock
  ☆21Updated 4 years ago
• tijldeneut / DPAPIck3
  ☆17Updated last year
• repnz / windows-imports-searcher
  Support Windows OS Reversing by searching easily for references to functions across many DLLs
  ☆34Updated 3 years ago
• jjensn / CVE-2024-36877
  Exploit POC for CVE-2024-36877
  ☆46Updated 9 months ago
• namazso / PEDiffGen
  Subtract one PE file from another!
  ☆22Updated 3 years ago
• DebugPrivilege / WindowsAP1
  Code samples that serve as references for Windows API functions
  ☆31Updated 11 months ago
• bluefrostsecurity / Windows-Drive-Remapping-EoP
  ☆30Updated last year
• NtRaiseHardError / Sysmon
  Sysmon shenanigans
  ☆65Updated 4 years ago
• zodiacon / WMIExplorer
  ☆17Updated 9 months ago
• m417z / x64dbg-xfg-marker
  An x64dbg plugin which marks XFG call signatures as data
  ☆74Updated 2 years ago
• zodiacon / RemoteThreadDetection
  Remote Thread Detection with a Kernel Driver
  ☆30Updated 4 months ago
• zodiacon / WinEventHooks
  SetWinEventHook Sample
  ☆47Updated last year
• 7eRoM / elam
  A Practical example of ELAM (Early Launch Anti-Malware)
  ☆32Updated 3 years ago
• klezVirus / AIDA64DRIVER-EoP
  AIDA64DRIVER Elevation of Privilege Vulnerability
  ☆13Updated 6 months ago
• batteryshark / stfu_wow64
  A Generic WOW64 Process Blocker
  ☆14Updated 3 years ago