Alternatives and similar repositories for singlestep_xorstub

Users that are interested in singlestep_xorstub are comparing it to the libraries listed below

• winterknife / EVENSTAR
  Intel 64/Windows low-level experiments
  ☆63Updated 5 months ago
• Cracked5pider / unguard-eat
  havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets
  ☆43Updated last year
• therealdreg / dregate
  call gates as stable comunication channel for NT x86 and Linux x86_64
  ☆32Updated 2 years ago
• ic3qu33n / michelangelo-reanimator
  Michelangelo REanimator bootkit and REcon 2023 talk slides/materials
  ☆30Updated last year
• DeDf / ParseNTFS
  ☆20Updated 5 years ago
• rad9800 / RansomFS
  ☆31Updated 11 months ago
• tyranid / windows-memory-access-traps
  A few examples of how to trap virtual memory access on Windows.
  ☆39Updated last year
• frank2 / blenny
  A payload delivery system which embeds payloads in an executable's icon file!
  ☆74Updated 2 years ago
• zodiacon / NativePowers
  Native Powers Talk demos
  ☆15Updated this week
• bluefrostsecurity / Windows-Drive-Remapping-EoP
  ☆35Updated 2 years ago
• m3rcer / IRvana
  Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution
  ☆130Updated last month
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆49Updated 3 years ago
• rbmm / Noname
  really ?
  ☆12Updated last year
• susMdT / clr-thing
  rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.
  ☆17Updated 2 years ago
• Slowerzs / CryptDecryptMemory
  ☆31Updated last year
• demon-i386 / binarybinarybinary
  some AV / EDR / analysis studies
  ☆10Updated 2 years ago
• 20urc3 / Aplos
  Aplos an extremely simple fuzzer for Windows binaries.
  ☆68Updated 11 months ago
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆36Updated 3 years ago
• mgrube / recon_22
  ☆10Updated 3 years ago
• Sh3lldon / WinPWN
  This repo for Windows x32-x64 Kernel/User Mode Exploitation writeups and exploits
  ☆24Updated 3 months ago
• li4321 / selfmovingdll
  ☆25Updated last year
• synacktiv / windows_kernel_shadow_stack
  Proof of concepts demonstrating some aspects of the Windows kernel shadow stack mitigation.
  ☆53Updated 7 months ago
• connormcgarr / EATGuard
  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
  ☆115Updated 2 years ago
• CaptainNox / Hypnos
  A more reliable way of resolving syscall numbers in Windows
  ☆54Updated last year
• BlackHat-Ashura / Process_Ghosting
  Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…
  ☆17Updated last year
• xalicex / Unhook-Import-Address-Table
  Piece of code to detect and remove hooks in IAT
  ☆65Updated 3 years ago
• kyleavery / pendulum
  Linux Sleep Obfuscation
  ☆107Updated 2 years ago
• EgeBalci / syscall_api
  ☆38Updated 2 years ago
• rbmm / LdrpKernel32DllName
  ☆89Updated last year
• DISREL / Ring0VBA
  CVE-2018-6066 using VBA
  ☆68Updated 3 years ago