Alternatives and similar repositories for WaryasSWHE

Users that are interested in WaryasSWHE are comparing it to the libraries listed below

• preludeorg / ThreatIntelligenceConsumer

  View on GitHub
  Demonstrates consuming from a SecurityTrace ETW session by consuming from the Threat-Intelligence ETW provider without a driver or PPL pr…
  ☆63Jan 19, 2026Updated 3 weeks ago
• LabGuy94 / CopyMyWrite

  View on GitHub
  Abusing DDMA alongside Copy On Write for Cross Process Code Execution for a 3000$ Bug Bounty
  ☆86Feb 1, 2026Updated 2 weeks ago
• JustasMasiulis / rep_mov_ept_detecc

  View on GitHub
  ☆94Oct 25, 2025Updated 3 months ago
• rsnrsnrsn / Code-execution-by-abusing-VEH

  View on GitHub
  Achieving code execution through abusing vectored exception handling
  ☆17May 28, 2023Updated 2 years ago
• NadavLor / windbg-ext-mcp

  View on GitHub
  WinDbg-ext-MCP bridges your favorite LLM client (like Cursor, Claude, or VS Code) with WinDbg, enabling real-time, AI assisted kernel deb…
  ☆71Sep 10, 2025Updated 5 months ago
• BushANQ / Get_AV

  View on GitHub
  在线安软识别
  ☆12Aug 6, 2025Updated 6 months ago
• LabGuy94 / Diskjacker

  View on GitHub
  Hijacking Hyper-V at Runtime with DDMA
  ☆76Aug 13, 2025Updated 6 months ago
• Octoberfest7 / ThreadCPUAssignment_POC

  View on GitHub
  A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread
  ☆30Sep 24, 2025Updated 4 months ago
• SamuelTulach / HookGuard

  View on GitHub
  Hooking Windows' exception dispatcher to protect process's PML4
  ☆225Jan 24, 2025Updated last year
• Oliver-1-1 / GhostMapper

  View on GitHub
  ☆355May 11, 2025Updated 9 months ago
• ig-labs / defender-mpengine-fuzzing

  View on GitHub
  Fuzzing Harness and Unpatched Crash Results from Fuzzing Defender MpEngine
  ☆39Jul 29, 2025Updated 6 months ago
• donnaskiez / nmi

  View on GitHub
  nmi stackwalking + module verification
  ☆157Dec 28, 2023Updated 2 years ago
• zero2504 / COMouflage

  View on GitHub
  COM-based DLL Surrogate Injection
  ☆140Dec 9, 2025Updated 2 months ago
• krispybyte / roprw

  View on GitHub
  Windows kernel ROP-only implant exposing R/W primitives
  ☆36Feb 1, 2026Updated 2 weeks ago
• zer0condition / checkhv_um

  View on GitHub
  tests to catch some sloppy hv impls
  ☆32Dec 17, 2025Updated last month
• trieck / comexplore

  View on GitHub
  A Windows C++ OLE/COM Object explorer written in WTL.
  ☆16Feb 28, 2025Updated 11 months ago
• thiagomayllart / DarkMelkor

  View on GitHub
  Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.
  ☆28Sep 8, 2021Updated 4 years ago
• GetRektBoy724 / Win32kHooker

  View on GitHub
  .data ptr swapper for newer win32k versions. (Supports Windows 11)
  ☆33Jan 19, 2026Updated 3 weeks ago
• rxOred / process-hollowing

  View on GitHub
  process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread
  ☆31Jan 9, 2022Updated 4 years ago
• zero2504 / FrostLock-Injection

  View on GitHub
  FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…
  ☆42Apr 6, 2025Updated 10 months ago
• boku7 / patchwerk

  View on GitHub
  BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)
  ☆195Feb 6, 2025Updated last year
• huoji120 / awesome_anti_virus_engine

  View on GitHub
  about how to make a anti-virus engine
  ☆106May 22, 2025Updated 8 months ago
• 0xflux / Hells-Hollow

  View on GitHub
  Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls
  ☆214Aug 31, 2025Updated 5 months ago
• backengineering / vmp2

  View on GitHub
  VMProtect2 Deobfuscation Tooling
  ☆87Nov 12, 2025Updated 3 months ago
• passthehashbrowns / Being-A-Good-CLR-Host

  View on GitHub
  ☆86Jan 21, 2025Updated last year
• C5Hackr / Eclipse

  View on GitHub
  A unique introduction to native runtime obfuscation.
  ☆74Mar 2, 2025Updated 11 months ago
• Teach2Breach / moonwalk

  View on GitHub
  find dll base addresses without PEB WALK
  ☆157Jul 13, 2025Updated 7 months ago
• zer0condition / ZeroHVCI

  View on GitHub
  Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou…
  ☆253Oct 26, 2024Updated last year
• synctop / tpm-mmio

  View on GitHub
  Using MMIO (Memory-Mapped I/O) to read TPM 2.0 public Endorsement Key.
  ☆53May 29, 2024Updated last year
• weak1337 / copy_call

  View on GitHub
  ☆23Oct 18, 2021Updated 4 years ago
• gmh5225 / warbird-example

  View on GitHub
  ☆24Jul 15, 2023Updated 2 years ago
• klezVirus / SilentMoonwalk

  View on GitHub
  PoC Implementation of a fully dynamic call stack spoofer
  ☆901Jul 20, 2024Updated last year
• Dor00tkit / BamExtensionTableHook

  View on GitHub
  Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…
  ☆92Jul 7, 2025Updated 7 months ago
• pop-rip / vtil2

  View on GitHub
  VTIL2 is a ground-up reimagination of the VTIL Project, completely rewritten in modern C# with enterprise-grade architecture, performance…
  ☆63Oct 29, 2025Updated 3 months ago
• kleiton0x00 / RtlHijack

  View on GitHub
  Alternative Read and Write primitives using Rtl* functions the unintended way.
  ☆78Aug 25, 2025Updated 5 months ago
• stuxnet147 / Win-Kernel-PiDqSerializationWrite-Example

  View on GitHub
  How to use PiDqSerializationWrite. Introduces how to safely read and write from mapped driver
  ☆26May 29, 2023Updated 2 years ago
• R41N3RZUF477 / QuickAssist_UAC_Bypass

  View on GitHub
  UAC Bypass using UIAccess program QuickAssist
  ☆210Nov 30, 2025Updated 2 months ago
• DErDYAST1R / EAC-CR3Bypass

  View on GitHub
  My EAC & BE Rady CR3 Reading & Writing source that I use for my KM Drivers.
  ☆95Sep 27, 2025Updated 4 months ago
• m3rcer / IRvana

  View on GitHub
  Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution
  ☆130Dec 24, 2025Updated last month