Alternatives and similar repositories for singlestep_xorstub:

Users that are interested in singlestep_xorstub are comparing it to the libraries listed below

• tyranid / windows-memory-access-traps
  A few examples of how to trap virtual memory access on Windows.
  ☆28Updated 3 months ago
• melotic / nanostorm
  An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.
  ☆18Updated 3 months ago
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 2 years ago
• PL-V / Firefox-Grabber
  Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users
  ☆42Updated 2 years ago
• kyleavery / pendulum
  Linux Sleep Obfuscation
  ☆94Updated last year
• dobin / ace-firefist
  Attack chain emulator. Write recipes for initial access easily
  ☆20Updated last month
• rbmm / DirectSysCall
  ☆12Updated last year
• therealdreg / dregate
  call gates as stable comunication channel for NT x86 and Linux x86_64
  ☆31Updated last year
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆45Updated 2 years ago
• GetRektBoy724 / Breaking-Detecting-Direct-Syscall-Techniques
  A repository filled with ideas to break/detect direct syscall techniques
  ☆27Updated 2 years ago
• cocomelonc / hack-process-hacker2
  Proof of Concept example for abusing Process Hacker 2 (v2.39.124)
  ☆21Updated 5 months ago
• oldboy21 / SWAPPALA
  In-memory hiding technique
  ☆47Updated 2 months ago
• rbmm / Noname
  really ?
  ☆12Updated last year
• Stuuxx / awesome-persistence
  Persistence techniques for windows.
  ☆19Updated last year
• CaptainNox / Hypnos
  A more reliable way of resolving syscall numbers in Windows
  ☆48Updated last year
• cocomelonc / 2022-07-21-malware-tricks-22
  Run payload like a Lazarus Group (UuidFromStringA). C++ implementation
  ☆19Updated 2 years ago
• 0xjbb / vehspoof
  Callstack spoofing using a VEH because VEH all the things.
  ☆19Updated last week
• x0reaxeax / PageSplit
  Splitting and executing shellcode across multiple pages
  ☆100Updated last year
• MathildeVenault / TheRestarter
  Released alongside with a talk at REcon 2023, TheRestarter is an interactive command-line tool is designed to interact with the Windows …
  ☆14Updated last year
• Wh04m1001 / RazerEoP
  ☆26Updated 2 years ago
• susMdT / clr-thing
  rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.
  ☆15Updated last year
• zodiacon / NativePowers
  Native Powers Talk demos
  ☆14Updated last year
• chryzsh / linux_bof
  ELF Beacon Object File (BOF) Template
  ☆18Updated 4 months ago
• lleon1435 / Kernel_VADInjector
  Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver
  ☆50Updated last year
• winsecurity / AMSI-Bypass-HWBP
  ☆20Updated 3 weeks ago
• Slowerzs / CryptDecryptMemory
  ☆29Updated 3 months ago
• zimnyaa / inmembof.py
  A small example of loading BOFs in Python with pure reflection
  ☆19Updated 2 years ago
• EvanMcBroom / sleepy
  A lexer and parser for Sleep
  ☆16Updated 2 months ago
• mgrube / recon_22
  ☆10Updated 2 years ago
• demon-i386 / binarybinarybinary
  some AV / EDR / analysis studies
  ☆11Updated last year