Alternatives and similar repositories for learning

Users that are interested in learning are comparing it to the libraries listed below

• wes4m / unHooker
  Kernel (Ring0) - SSDT unhook driver
  ☆15Updated 7 years ago
• zhuhuibeishadiao / exploit-RemoteDesktopServerDriver
  exploit termdd.sys(support kb4499175)
  ☆61Updated 6 years ago
• yuvatia / Win10GdiExploitation
  Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.
  ☆24Updated 8 years ago
• hatRiot / DelayLoadInject
  Code injection via delay load libraries
  ☆36Updated 8 years ago
• SLAUC91 / DLLFinder
  Enumerate the DLLs/Modules using NtQueryVirtualMemory
  ☆32Updated 10 years ago
• AlexRuzin / Helios
  A Proof-of-Concept win32 DLL that makes use of netbios session token replay to propagate through a Windows Domain
  ☆25Updated 7 years ago
• John-Yu / Simple_PE_packer
  The project was upgraded from https://coder.pub/ and supported VS2017. The original author wrote the detailed design ideas documentation…
  ☆20Updated 8 years ago
• shareef12 / cpuz
  CPU-Z Exploit Proof of Concept
  ☆31Updated 6 years ago
• 3gstudent / Use-COM-objects-to-bypass-UAC
  ☆92Updated 4 years ago
• killswitch-GUI / HotLoad-Driver
  C++
  ☆87Updated 9 years ago
• gabriellandau / CISpotter
  Code Integrity Violation Spotter
  ☆17Updated last year
• revsic / CodeInjection
  Code Injection technique written in cpp language
  ☆34Updated 8 years ago
• waleedassar / SyscallNumberFinder
  ☆33Updated 4 years ago
• deroko / SPPLUAObjectUacBypass
  ☆46Updated 7 years ago
• hasherezade / paramkit
  A small library helping to parse commandline parameters (for C/C++)
  ☆58Updated 8 months ago
• hasherezade / loaderine
  A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.
  ☆22Updated 7 years ago
• kacheo / KernelRootkit
  Linux kernel rootkit to hide certain files and processes.
  ☆36Updated 11 years ago
• JKornev / hijacken
  Analyze and attack windows applications using dll hijacking vulnerabilities
  ☆59Updated 6 years ago
• NtRaiseHardError / UnRunPE
  PoC for detecting and dumping process hollowing code injection
  ☆52Updated 7 years ago
• nettitude / DLLInjection
  DLL Injection Library & Tools
  ☆73Updated 9 years ago
• 3gstudent / Catch-specified-file-s-handle
  Enumerate all processes and get specified file's handle,then close it.
  ☆12Updated 7 years ago
• dro / uac-launchinf-poc
  Windows 10 UAC bypass PoC using LaunchInfSection
  ☆35Updated 7 years ago
• aaaddress1 / APCInjector-BYPASS-AV
  ☆19Updated 10 years ago
• MalwareMechanic / RISCYpacker
  Process Hollowing Packer
  ☆29Updated 8 years ago
• 0xcpu / dijuno
  POC for a race condition exploit using directory junctions in Windows
  ☆17Updated 5 years ago
• 0xdabbad00 / OpenHIPS
  OpenHIPS prevents exploitation of Windows systems
  ☆35Updated 13 years ago
• tsarpaul / WinRpcTutorial
  A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial
  ☆16Updated 6 years ago
• Trietptm-on-Coding-Algorithms / ZeroBank-ring0-bundle
  Kernel-Mode rootkit that connects to a remote server to send & recv commands
  ☆33Updated 7 years ago
• JKornev / NTlib
  Static library and headers for linking your software with ntdll.dll
  ☆38Updated 6 years ago
• jonasblunck / DP
  Win32 API and COM hooking/tracing.
  ☆30Updated 9 years ago