Alternatives and similar repositories for crowdstrike-cloudproto

Users that are interested in crowdstrike-cloudproto are comparing it to the libraries listed below

• 0xMegaByte / COM-Explained
  ☆26Updated 2 years ago
• winterknife / EVENSTAR
  Intel 64/Windows low-level experiments
  ☆60Updated 2 weeks ago
• benheise / ANGRYORCHARD
  A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.
  ☆31Updated 2 years ago
• 7eRoM / elam
  A Practical example of ELAM (Early Launch Anti-Malware)
  ☆35Updated 3 years ago
• jonny-jhnson / MSFT_DriverBlockList
  Repository of Microsoft Driver Block Lists based off of OS-builds
  ☆39Updated last year
• nccgroup / mimikatz-detector-condrv
  The Console Monitor Driver is a KMDF kernel-mode filter driver that captures certain Fast I/O operations (input and output) that is sent …
  ☆40Updated 3 years ago
• rbmm / Noname
  really ?
  ☆12Updated last year
• am0nsec / vxlib
  C Header Only Library for Virii
  ☆10Updated 4 years ago
• gmh5225 / Driver-SoulExtraction
  SoulExtraction is a windows driver library for extracting cert information in windows drivers
  ☆24Updated 2 years ago
• VergiliusProject / kernels-data
  Windows kernel PDB data parsed into YAML
  ☆40Updated 10 months ago
• thalium / WinDbgFastObj
  ☆21Updated 4 years ago
• trailofbits / WinDbg-JS
  ☆25Updated last year
• s4dbrd / ETWReader
  Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich
  ☆17Updated last year
• yo-yo-yo-jbo / virtual_memory_known_dlls
  ☆19Updated 2 years ago
• ioncodes / rw
  allowing um r/w through km from um ioctl ™
  ☆11Updated 3 years ago
• 0vercl0k / KEPaboo
  Neutralize KEPServerEX anti-debugging techniques
  ☆32Updated 2 years ago
• Signal-Labs / Hotpatching_PoC
  ☆22Updated 2 years ago
• rad9800 / RansomFS
  ☆31Updated 6 months ago
• mobdk / CloneProcess
  Clone running process with ZwCreateProcess
  ☆58Updated 4 years ago
• melotic / rekk
  rekk is set of tools written in Rust to obfuscate ELF & PE executables with nanomites.
  ☆32Updated 8 months ago
• 0mWindyBug / RansomGuard
  anti-ransomware file-system filter
  ☆61Updated last year
• m417z / thread-call-stack-scanner
  Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…
  ☆80Updated 2 months ago
• yo-yo-yo-jbo / anti_debugging_intro
  ☆25Updated 2 years ago
• LloydLabs / dearg-thread-ipc-stealth
  A novel technique to communicate between threads using the standard ETHREAD structure
  ☆114Updated 4 years ago
• x0reaxeax / Fetch-n-Exec
  An x64 binary executing code that's not inside of it.
  ☆15Updated 2 years ago
• rbmm / NtDetours
  Detours implementation (x64/x86) which used only ntdll import
  ☆90Updated last year
• rbmm / LdrpKernel32DllName
  ☆85Updated last year
• hasherezade / pe2pic
  Small visualizator for PE files
  ☆69Updated last year
• MMitsuha / Tajimari
  the Open Source and Pure C++ Packer for eXecutables
  ☆21Updated 2 years ago
• lem0nSec / Alcatraz
  An example of Windows self-replicating malware.
  ☆11Updated 2 years ago