Alternatives and similar repositories for okhi

Users that are interested in okhi are comparing it to the libraries listed below

• therealdreg / ftdibrick
  FTDI bricker just for fun - malware POC+hardware hacking CTF
  ☆20Updated last year
• JanielDary / ELFieScanner
  A C++ tool for process memory scanning & suspicious telemetry generation that attempts to detect a number of malicious techniques used by…
  ☆83Updated last year
• x86byte / Stuxnet-Rootkit
  Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis
  ☆75Updated last year
• keyboardcrunch / sentinelone_usbscan
  A custom SentinelOne USB scanner.
  ☆18Updated 3 years ago
• MatheuZSecurity / detect-lkm-rootkit-cheatsheet
  Cheat sheet to detect and remove linux kernel rootkit
  ☆74Updated 11 months ago
• ArtemBaranov / WindowsRootkitsGuide
  ☆71Updated 9 months ago
• tanc7 / skidstorm
  ☆26Updated 7 months ago
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆111Updated 5 months ago
• LambdaMamba / LenaMalwareAnalysis
  Lena's scripts/code/resources for malware analysis
  ☆26Updated last year
• MatheuZSecurity / UnhookingLinuxEdr
  Attacking the cleanup_module function of a kernel module
  ☆52Updated 4 months ago
• naacbin / CovenantDecryptor
  ☆34Updated last year
• ic3qu33n / OffensiveCon24-uefi-task-of-the-translator
  OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"
  ☆43Updated last year
• cyberark / malware-research
  ☆37Updated 8 months ago
• mephistolist / tito
  In-Memory Rootkit For Linux and BSD
  ☆86Updated 3 months ago
• Rizer0 / Ropdump
  ROPDump is a command-line tool designed to analyze binary executables for potential Return-Oriented Programming (ROP) gadgets, buffer ove…
  ☆87Updated last year
• FFRI / orom-backdoor-research
  PoC code and tools for Black Hat USA 2024
  ☆24Updated last year
• rad9800 / talks
  ☆60Updated 6 months ago
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆110Updated 2 years ago
• MatheuZSecurity / ElfDoor-gcc
  ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.
  ☆130Updated 7 months ago
• hackerhouse-opensource / AESCrypt
  AES-256 Microsoft Cryptography API Example Use.
  ☆35Updated last year
• martanne / bitpixie
  Bitpixie exploitation PoC
  ☆74Updated 2 weeks ago
• MatheuZSecurity / ModTracer
  ModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.
  ☆88Updated 8 months ago
• MatheuZSecurity / Rootkit
  Collection of codes focused on Linux rootkits
  ☆185Updated 3 weeks ago
• grahamhelton / USP
  Establishes persistence on a Linux system by creating a udev rule that triggers the execution of a specified payload (binary or script)
  ☆146Updated last year
• ViperXSecurity / lib-nosa
  lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
  ☆117Updated last year
• frank2 / blenny
  A payload delivery system which embeds payloads in an executable's icon file!
  ☆74Updated last year
• volticks / CVE-2025-21692-poc
  Proof of concept source code and misc files for my CVE-2025-21692 exploit, kernel version 6.6.75
  ☆37Updated 2 months ago
• frkngksl / UnlinkDLL
  DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
  ☆58Updated last year
• andrewjlamarche / ubiquity-toolkit
  A collection of statically-linked tools targeted to run on almost any linux system.
  ☆32Updated 2 months ago
• reecdeep / hollowise
  Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …
  ☆39Updated 8 months ago