Alternatives and similar repositories for Rootkit-Arsenal

Users that are interested in Rootkit-Arsenal are comparing it to the libraries listed below

• deroko / activationcontexthook
  ☆34Updated 7 years ago
• hasherezade / loaderine
  A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.
  ☆19Updated 7 years ago
• mgeeky / HEVD_Kernel_Exploit
  Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes.
  ☆66Updated 3 years ago
• vineetgaurav / WIN_JELLY
  Windows GPU rootkit PoC by Team Jellyfish
  ☆36Updated 10 years ago
• connormcgarr / Presentations
  ☆28Updated 9 months ago
• rwfpl / rewolf-pcausa-exploit
  PCAUSA Rawether for Windows Local Privilege Escalation
  ☆38Updated 8 years ago
• deroko / SPPLUAObjectUacBypass
  ☆45Updated 7 years ago
• sysopfb / Unpackers
  My collection of unpackers for malware packers/crypters
  ☆28Updated 7 years ago
• TalBlum / Anti-Disassembly
  A collection of anti disassembly techniques
  ☆19Updated 8 years ago
• hasherezade / tag_converter
  ☆22Updated 4 years ago
• m0n0ph1 / shellcode-2
  x86 and x86-64 shellcodes for Windows, Mac OSX, Linux, BSD and Solaris
  ☆15Updated 7 years ago
• marcusbotacin / Anti.Analysis
  Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis
  ☆45Updated 7 years ago
• securesean / Shim-Process-Scanner
  Windows x64 Process Scanner to detect application compatability shims
  ☆37Updated 6 years ago
• Microwave89 / syscalltest
  PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls
  ☆39Updated 9 years ago
• hasherezade / hidden_bee_tools
  Parser for a custom executable formats from Hidden Bee and Rhadamanthys malware
  ☆52Updated this week
• Dump-GUY / Python3---Binary-Data-Manipulation
  Python 3 - Manipulation and conversation with different data type (Bytes operations)
  ☆26Updated 3 years ago
• majdi / deadlands
  🐧 A simple kernel-level rootkit
  ☆20Updated 9 years ago
• secrary / findLoop
  findLoop - find possible encryption/decryption or compression/decompression code
  ☆26Updated 6 years ago
• Fmk0 / templates
  ☆36Updated 5 years ago
• hasherezade / paramkit
  A small library helping to parse commandline parameters (for C/C++)
  ☆57Updated 2 months ago
• karol-gruszczyk / win-rootkit
  ☆23Updated 9 years ago
• mgrube / DragonKing
  Open Source Rootkit
  ☆22Updated 8 years ago
• aaaddress1 / Lexa
  Windows Application Loader Running *.Exe files in Memory against Scrylla
  ☆21Updated 5 years ago
• En14c / Erebus
  Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster
  ☆29Updated 5 years ago
• zodiacon / AccessMask
  ☆20Updated 6 years ago
• NtRaiseHardError / NtRaiseHardError.github.io
  Build a Jekyll blog in minutes, without touching the command line.
  ☆16Updated 6 years ago
• 0xN3utr0n / Noteme
  ELF packer/crypter that aims to create hardened and stealthy troyans
  ☆54Updated 3 years ago
• dsnezhkov / exclave
  ☆16Updated 4 years ago
• mponcet / subversive
  x86_64 linux rootkit using debug registers
  ☆52Updated 3 years ago
• shamrockhoax / mazedecoder
  ☆28Updated 5 years ago