Alternatives and similar repositories for okhi

Users that are interested in okhi are comparing it to the libraries listed below

• therealdreg / ftdibrick

  View on GitHub
  FTDI bricker just for fun - malware POC+hardware hacking CTF
  ☆19Sep 23, 2024Updated last year
• NUL0x4C / DeleteShadowCopies

  View on GitHub
  Deleting Shadow Copies In Pure C++
  ☆118Oct 31, 2022Updated 3 years ago
• PL-V / Firefox-WebInject

  View on GitHub
  Firefox webInjector capable of injecting codes into webpages using a mitmproxy.
  ☆42Oct 30, 2022Updated 3 years ago
• Cracked5pider / kaine-assembly

  View on GitHub
  a demo module for the kaine agent to execute and inject assembly modules
  ☆41Aug 28, 2024Updated last year
• therealdreg / pdbdump_bochs

  View on GitHub
  Dump PDB Symbols including support for Bochs Debugging Format (with wine support)
  ☆14Aug 11, 2023Updated 2 years ago
• djhohnstein / HookDetector

  View on GitHub
  Playing with PE's and Building Structures by Hand
  ☆22Apr 21, 2022Updated 3 years ago
• eversinc33 / UnXorStringsNet

  View on GitHub
  Deobfuscation of XorStringsNet
  ☆14Nov 5, 2024Updated last year
• Real-Cryillic / Sarla

  View on GitHub
  It's what all the kids are talking about
  ☆12Apr 25, 2023Updated 2 years ago
• connormcgarr / EATGuard

  View on GitHub
  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
  ☆115May 21, 2023Updated 2 years ago
• nbqofficial / asm-lib

  View on GitHub
  Libraries written in inline assembly
  ☆19Aug 7, 2023Updated 2 years ago
• therealdreg / dregate

  View on GitHub
  call gates as stable comunication channel for NT x86 and Linux x86_64
  ☆32Aug 11, 2023Updated 2 years ago
• floesen / KExecDD

  View on GitHub
  Admin to Kernel code execution using the KSecDD driver
  ☆264Apr 19, 2024Updated last year
• eversinc33 / PSXecute

  View on GitHub
  MIPS VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator.
  ☆124Dec 6, 2024Updated last year
• l4rm4nd / PyADRecon

  View on GitHub
  Python3 implementation of ADRecon with support for NTLM and Kerberos authentication. Generates individual CSV files and a single XSLX rep…
  ☆24Updated this week
• Meckazin / HidingFromETW

  View on GitHub
  PoC for detecting and evading ETW detection of .Net Assembly.Load
  ☆21Aug 26, 2020Updated 5 years ago
• therealdreg / pico-usb-sniffer-lite

  View on GitHub
  A simple USB sniffer based on Raspberry PI PICO RP2040 (pico-sdk)
  ☆43Nov 6, 2025Updated 3 months ago
• loneicewolf / smbdoor

  View on GitHub
  improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys
  ☆49Mar 10, 2023Updated 2 years ago
• xct / CVE-2024-27460

  View on GitHub
  Plantronics Desktop Hub LPE
  ☆37May 15, 2024Updated last year
• joaoviictorti / coffeeldr

  View on GitHub
  A COFF Loader written in Rust
  ☆135Dec 1, 2025Updated 2 months ago
• Tserith / Parasite

  View on GitHub
  Compact MBR Bootkit for Windows
  ☆52Jan 13, 2022Updated 4 years ago
• Signal-Labs / Hotpatching_PoC

  View on GitHub
  ☆22Mar 6, 2023Updated 2 years ago
• OG-Sadpanda / SharpZippo

  View on GitHub
  List/Read contents of Zip files (in memory and without extraction) using CobaltStrike's Execute-Assembly
  ☆61May 24, 2022Updated 3 years ago
• SamuelTulach / HookGuard

  View on GitHub
  Hooking Windows' exception dispatcher to protect process's PML4
  ☆225Jan 24, 2025Updated last year
• EgeBalci / deoptimizer

  View on GitHub
  Evasion by machine code de-optimization.
  ☆416Jul 22, 2024Updated last year
• som3canadian / Mythic_NimSyscallPacker_Wrapper

  View on GitHub
  Mythic C2 wrapper for NimSyscallPacker
  ☆25Mar 12, 2025Updated 11 months ago
• aazhuliang / CVE-2021-31956-EXP

  View on GitHub
  ☆40Jan 11, 2022Updated 4 years ago
• worawit / malk

  View on GitHub
  Demonstrate calling a kernel function and handle process creation callback against HVCI
  ☆79Dec 21, 2022Updated 3 years ago
• eladshamir / RPC-Backdoor

  View on GitHub
  A basic emulation of an "RPC Backdoor"
  ☆242Aug 25, 2022Updated 3 years ago
• Dramelac / GoldenCopy

  View on GitHub
  Copy the properties and groups of a user from neo4j (bloodhound) to create an identical golden ticket.
  ☆102May 6, 2024Updated last year
• therealdreg / masm32-kernel-programming

  View on GitHub
  masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)
  ☆128Aug 11, 2023Updated 2 years ago
• adamhlt / Cave-Finder

  View on GitHub
  Tool to find code cave in PE image (x86 / x64) - Find empty space to place code in PE files
  ☆70Aug 1, 2023Updated 2 years ago
• KiFilterFiberContext / warbird-hook

  View on GitHub
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆265Aug 31, 2022Updated 3 years ago
• JanielDary / ImmoralFiber

  View on GitHub
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆280Sep 18, 2024Updated last year
• jakobfriedl / BenevolentLoader

  View on GitHub
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆102Jun 16, 2024Updated last year
• SamuelTulach / SecureGame

  View on GitHub
  Proof-of-concept game using VBS enclaves to protect itself from cheating
  ☆49Nov 10, 2024Updated last year
• NioZow / bof-collection

  View on GitHub
  ☆21Feb 22, 2025Updated 11 months ago
• senko37 / drvload-bootkit

  View on GitHub
  EFI bootkit for loading unsigned drivers
  ☆35Jun 28, 2024Updated last year
• G0ldenGunSec / DayBird

  View on GitHub
  Extension functionality for the NightHawk operator client
  ☆26Nov 3, 2023Updated 2 years ago
• intel / unicorn-for-efi

  View on GitHub
  Unicorn Engine port for UEFI firmware
  ☆50Mar 25, 2025Updated 10 months ago