winterknife/EVENSTAR external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

winterknife/EVENSTAR

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/winterknife/EVENSTAR)

Close

winterknife / EVENSTARView on GitHubMore

• External links
• Readme badge

Intel 64/Windows low-level experiments

☆76Apr 28, 2026Updated this week

Alternatives and similar repositories for EVENSTAR

Users that are interested in EVENSTAR are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• ZakiPedio / BridgeHead

  View on GitHub
  Native C++ access to Active Directory over ADWS, no .NET, no WCF, no HTTP stack.
  ☆73Mar 27, 2026Updated last month
• mannyfred / MentalTi

  View on GitHub
  Mentally ill EtwTi parser
  ☆70Jan 11, 2026Updated 3 months ago
• connormcgarr / SkBridge

  View on GitHub
  Harness to issue Virtual Secure Mode (VSM) "secure calls" from VTL 0 to VTL 1
  ☆79Sep 8, 2025Updated 7 months ago
• 0mWindyBug / DataptrHooks

  View on GitHub
  ntoskrnl .data hooks for UM-KM communication
  ☆52May 26, 2024Updated last year
• whokilleddb / ETWListicle

  View on GitHub
  List the ETW provider(s) in the registration table of a process.
  ☆82Sep 20, 2023Updated 2 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• gabriellandau / ShadowStackWalk

  View on GitHub
  Finding Truth in the Shadows
  ☆127Jan 26, 2023Updated 3 years ago
• dr4ndrei / OHFFLdr

  View on GitHub
  One-header configurable C++20 COFF loader
  ☆20Jul 21, 2025Updated 9 months ago
• Dor00tkit / BamExtensionTableHook

  View on GitHub
  Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…
  ☆95Jul 7, 2025Updated 9 months ago
• MythicAgents / VECTR

  View on GitHub
  A service container for interacting with SRA's VECTR
  ☆17Apr 9, 2025Updated last year
• rbmm / TL-TASK

  View on GitHub
  ☆19Sep 17, 2025Updated 7 months ago
• 0x1c1101 / zombie_asm

  View on GitHub
  C++ Assembler with Built-in Mutation Engine
  ☆30Sep 6, 2025Updated 7 months ago
• libyal / libfsclfs

  View on GitHub
  Library and tools to access the Common Log File System (CLFS)
  ☆26Dec 4, 2025Updated 4 months ago
• yamakadi / ldr

  View on GitHub
  A work in progress BOF/COFF loader in Rust
  ☆50Mar 22, 2023Updated 3 years ago
• rtecCyberSec / BitlockMove

  View on GitHub
  Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking
  ☆440Jun 27, 2025Updated 10 months ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• bitdefender / hypervinject-poc

  View on GitHub
  ☆59Feb 19, 2026Updated 2 months ago
• btbd / ddma

  View on GitHub
  Disks for DMA
  ☆152Apr 28, 2021Updated 5 years ago
• redthing1 / w1tn3ss

  View on GitHub
  binary instrumentation, analysis, and patching framework
  ☆105Feb 20, 2026Updated 2 months ago
• EspressoCake / cIdentifyServiceDependencies_BOF

  View on GitHub
  Beacon Object File (BOF) for identifying dependent child services of a given parent.
  ☆19Jun 20, 2025Updated 10 months ago
• AmitMoshel1 / PatchGuardEncryptorDriver

  View on GitHub
  A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.
  ☆78Mar 29, 2025Updated last year
• Idov31 / Jormungandr

  View on GitHub
  Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
  ☆244Sep 26, 2023Updated 2 years ago
• silentwarble / PIC-Library

  View on GitHub
  A collection of position independent coding resources
  ☆112Nov 15, 2025Updated 5 months ago
• Mav3rick33 / ZenLdr

  View on GitHub
  Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature
  ☆101Feb 28, 2023Updated 3 years ago
• ByteWhite1x1 / PatchGuardResearch

  View on GitHub
  Bypassing kernel patch protection runtime
  ☆22Feb 19, 2023Updated 3 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• ZehMatt / x86Tester

  View on GitHub
  x86-64 Automated test data generator
  ☆26Aug 18, 2025Updated 8 months ago
• 0x4d5a-ctf / 38c3_com_talk

  View on GitHub
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆75Jan 3, 2025Updated last year
• 0xcf80 / ShellCodeLoader_Indirect_Syscalls

  View on GitHub
  Shellcode Loader using indirect syscalls
  ☆16Jan 21, 2024Updated 2 years ago
• Zeyad-Azima / ShellcodeGenZ

  View on GitHub
  GenZ Shellcode Generator to execute commands with winExec API
  ☆22Apr 27, 2025Updated last year
• rbmm / SC_DEMO

  View on GitHub
  ☆128Dec 12, 2025Updated 4 months ago
• wyyqyl / HookIAT

  View on GitHub
  ☆15Sep 24, 2012Updated 13 years ago
• preludeorg / Regstoration

  View on GitHub
  A rust proof of concept to demonstrate registry overwriting via RegRestoreKey using the Offline Registry Library
  ☆24Nov 13, 2025Updated 5 months ago
• rasta-mouse / SpawnWith

  View on GitHub
  ☆111Feb 17, 2025Updated last year
• keowu / wintapix

  View on GitHub
  Reversed WintaPix Malware Source code | That targets countries in the Middle East and abuse KeServiceDescriptorTable(SSDT), persistence a…
  ☆22Jul 6, 2024Updated last year
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• assarbad / msvc-undoc

  View on GitHub
  Undocumented MSVC
  ☆45Nov 10, 2025Updated 5 months ago
• vmsplit / IceVMM

  View on GitHub
  minimal hypervisor for aarch64 (WIP)
  ☆31Nov 29, 2025Updated 5 months ago
• joaoviictorti / uwd

  View on GitHub
  Call Stack Spoofing for Rust
  ☆216Jan 28, 2026Updated 3 months ago
• 0xf00sec / Aether

  View on GitHub
  Self-mutating macOS implant
  ☆129Apr 18, 2026Updated last week
• 0xedh / DEFCON33-KillChainReloaded

  View on GitHub
  Repository for the DEF CON 33 talk: Kill Chain Reloaded
  ☆83Aug 3, 2025Updated 8 months ago
• Cracked5pider / unguard-eat

  View on GitHub
  havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets
  ☆42Aug 6, 2024Updated last year
• jayesther / KTM_POCS

  View on GitHub
  Reports and POCs for CVE 2024-43570 and CVE-2024-43535
  ☆30Jun 7, 2025Updated 10 months ago