Alternatives and similar repositories for singlestep_xorstub

Users that are interested in singlestep_xorstub are comparing it to the libraries listed below

• rad9800 / RansomFS
  ☆31Updated 9 months ago
• Cracked5pider / unguard-eat
  havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets
  ☆35Updated last year
• Stuuxx / awesome-persistence
  Persistence techniques for windows.
  ☆19Updated 2 years ago
• rbmm / TL-TASK
  ☆20Updated 2 months ago
• synacktiv / windows_kernel_shadow_stack
  Proof of concepts demonstrating some aspects of the Windows kernel shadow stack mitigation.
  ☆53Updated 5 months ago
• qtc-de / rpv-web
  rpv-web is a browser based frontend for the rpv library
  ☆25Updated last week
• therealdreg / dregate
  call gates as stable comunication channel for NT x86 and Linux x86_64
  ☆32Updated 2 years ago
• winterknife / EVENSTAR
  Intel 64/Windows low-level experiments
  ☆62Updated 3 months ago
• rxOred / process-hollowing
  process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread
  ☆31Updated 3 years ago
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆36Updated 3 years ago
• zodiacon / NativePowers
  Native Powers Talk demos
  ☆15Updated 2 years ago
• DeDf / ParseNTFS
  ☆20Updated 5 years ago
• 7eRoM / tutorials
  ☆17Updated 6 months ago
• BlackHat-Ashura / Process_Ghosting
  Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…
  ☆16Updated last year
• CaptainNox / Hypnos
  A more reliable way of resolving syscall numbers in Windows
  ☆52Updated last year
• Sh3lldon / WinPWN
  This repo for Windows x32-x64 Kernel/User Mode Exploitation writeups and exploits
  ☆24Updated last month
• rbmm / Noname
  really ?
  ☆12Updated last year
• Slowerzs / KeyJumper
  ☆51Updated 8 months ago
• EvilBytecode / Evilbytecode-Gate
  Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…
  ☆23Updated 7 months ago
• cocomelonc / hack-process-hacker2
  Proof of Concept example for abusing Process Hacker 2 (v2.39.124)
  ☆24Updated last year
• bluefrostsecurity / Windows-Drive-Remapping-EoP
  ☆34Updated 2 years ago
• TimMisiak / RunWithDll
  A utility that can be used to launch an executable with a DLL injected
  ☆19Updated 2 years ago
• ic3qu33n / michelangelo-reanimator
  Michelangelo REanimator bootkit and REcon 2023 talk slides/materials
  ☆30Updated last year
• amroes / FlexSheller
  ☆12Updated 9 months ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆49Updated 3 years ago
• Slowerzs / CryptDecryptMemory
  ☆31Updated 11 months ago
• m3rcer / IRvana
  Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution
  ☆122Updated 2 weeks ago
• keyboardcrunch / sentinelone_usbscan
  A custom SentinelOne USB scanner.
  ☆18Updated 3 years ago
• rbmm / TPM
  Easy encrypt/decrypt data with TPM
  ☆25Updated last year
• lleon1435 / Kernel_VADInjector
  Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver
  ☆52Updated 2 years ago