Alternatives and similar repositories for diagtrack

Users that are interested in diagtrack are comparing it to the libraries listed below

• NtRaiseHardError / Sysmon
  Sysmon shenanigans
  ☆65Updated 4 years ago
• DimopoulosElias / Primitives
  ☆31Updated 4 years ago
• FuzzySecurity / IBM-RedCON-2020
  IBM RedCON 2020 - Throwing an AquaWrench into the Kernel
  ☆44Updated 4 years ago
• ethereal-vx / Persistence
  Recreating and reviewing the Windows persistence methods
  ☆38Updated 3 years ago
• hotnops / COM_Mapper
  A tool to create COM class/interface relationships in neo4j
  ☆50Updated 2 years ago
• connormcgarr / An-Intro-2-Win-ED
  "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast …
  ☆39Updated 5 years ago
• panagioto / Mimir
  A C++ POC for process injection using NtCreateSectrion, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes…
  ☆43Updated 4 years ago
• SolomonSklash / UnhookingPOC
  A small commented POC for removing API hooks placed by AV/EDR.
  ☆34Updated 4 years ago
• connormcgarr / Kernel-Escalation-of-Privileges-Payloads
  NT AUTHORITY\SYSTEM
  ☆39Updated 4 years ago
• DoubleLabyrinth / ProcessHollowing
  ☆36Updated 6 years ago
• DanusMinimus / Injections
  A repository where I share my injection implemintations
  ☆29Updated 4 years ago
• TheWover / donut-demos
  Demos of Donut used in conferences, etc. Mostly for my use, but free for others to use as a reference.
  ☆32Updated 5 years ago
• elastic / PPLGuard
  ☆70Updated 3 months ago
• vineetgaurav / WIN_JELLY
  Windows GPU rootkit PoC by Team Jellyfish
  ☆35Updated 10 years ago
• connormcgarr / Presentations
  ☆28Updated 7 months ago
• passthehashbrowns / hook-integrity-checks
  ☆21Updated 4 years ago
• leoloobeek / COMRunner
  A simple COM server which provides a component to run shellcode
  ☆135Updated 5 years ago
• Jb05s / Exploit-Dev-C
  ☆22Updated 4 years ago
• jackullrich / universal-syscall-64
  Resolve syscall numbers at runtime for all Windows versions.
  ☆61Updated 6 months ago
• jackson5sec / ShimDB
  Shim database persistence (Fin7 TTP)
  ☆37Updated 5 years ago
• aaaddress1 / dnLauncher
  ☆36Updated 3 years ago
• alfarom256 / PebLdr
  ☆15Updated 4 years ago
• polakow / WindowsBypassSMEP
  Example for PagedOut!
  ☆24Updated 5 years ago
• SolomonSklash / SeasideBishop
  A C port of b33f's UrbanBishop
  ☆38Updated 4 years ago
• a7t0fwa7 / windows-ps-callbacks-experiments
  Files for http://deniable.org/windows/windows-callbacks
  ☆25Updated 4 years ago
• AzAgarampur / byeintegrity3-uac
  Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler
  ☆29Updated 3 years ago
• ASkyeye / CVE-2018-19320
  Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)
  ☆20Updated 5 years ago
• daem0nc0re / HEVD-CSharpKernelPwn
  CSharp Writeups for HackSys Extreme Vulnerable Driver
  ☆43Updated 3 years ago
• 0vercl0k / CVE-2021-32537
  PoC for CVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel.
  ☆57Updated 3 years ago
• ashr / netrefject
  Inject .Net payloads into other .Net assemblies on disk
  ☆61Updated 5 years ago