Alternatives and similar repositories for hidefs

Users that are interested in hidefs are comparing it to the libraries listed below

• MatheuZSecurity / ElfDoor-gcc
  ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.
  ☆131Updated 8 months ago
• Pdawg-bytes / UEFIBootKit
  A simple UEFI bootkit made by @NSG650 and me.
  ☆26Updated last year
• winterknife / EVENSTAR
  Intel 64/Windows low-level experiments
  ☆62Updated 4 months ago
• NUL0x4C / GP
  using the gpu to hide your payload
  ☆63Updated 3 years ago
• bitdefender / hypervinject-poc
  ☆53Updated 5 months ago
• electroglyph / anti_defender
  A slightly more fun way to disable windows defender
  ☆50Updated 8 months ago
• ic3qu33n / michelangelo-reanimator
  Michelangelo REanimator bootkit and REcon 2023 talk slides/materials
  ☆30Updated last year
• joaoviictorti / coffeeldr
  A COFF Loader written in Rust
  ☆133Updated last month
• vmsplit / icekit
  I/O Cache-As-Ram + AMD x86_64 cache line locking | Mirror of https://codeberg.org/3itch/icekit
  ☆18Updated 10 months ago
• souzomain / Packer
  Packer is a compact, fast and crosss-platform serialization library for store data in a buffer
  ☆22Updated 2 years ago
• li4321 / selfmovingdll
  ☆24Updated last year
• xaitax / NTSleuth
  Comprehensive Windows Syscall Extraction & Analysis Framework
  ☆160Updated 4 months ago
• synacktiv / windows_kernel_shadow_stack
  Proof of concepts demonstrating some aspects of the Windows kernel shadow stack mitigation.
  ☆52Updated 7 months ago
• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆74Updated last year
• m417z / thread-call-stack-scanner
  Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…
  ☆80Updated 6 months ago
• 0xbigshaq / GenesisOS
  curiosity got me here
  ☆45Updated last year
• Archie-osu / PowerHook
  Hooking KPRCB IdlePreselect function to gain execution inside PID 0.
  ☆73Updated 8 months ago
• Goodies365 / YandexDecrypt
  Decrypting yandex browser passwords
  ☆28Updated 9 months ago
• b-irb / PigPEI
  PEIM (UEFI) bootkit targeting OVMF (EDK2)
  ☆41Updated 2 years ago
• qtc-de / rpv
  rpv is a v library for analyzing RPC servers and interfaces on the Windows operating system
  ☆36Updated last month
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆120Updated 2 years ago
• ldpreload / werkernel
  Windows LPE Nday
  ☆31Updated last year
• joaoviictorti / dinvk
  Dynamically invoke arbitrary code in Rust (Dinvoke)
  ☆99Updated last month
• eversinc33 / GpuDecryptShellcode
  XOR decrypting shellcode using the GPU with OpenCL.
  ☆118Updated 7 months ago
• leftp / FirewallMoniker
  A C# implementation that disables Windows Firewall bypassing UAC
  ☆16Updated last year
• oldboy21 / SWAPPALA
  In-memory hiding technique
  ☆63Updated last year
• m3rcer / IRvana
  Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution
  ☆126Updated 2 weeks ago
• kyleavery / pendulum
  Linux Sleep Obfuscation
  ☆107Updated 2 years ago
• Irate-Walrus / stardust-rs
  An i686 & x86_64 position independent implant template for Rust 🦀
  ☆32Updated 6 months ago
• XaFF-XaFF / WinREPL
  WinREPL is a "read-eval-print loop" shell on Windows that is useful for testing/learning x86 and x64 assembly.
  ☆17Updated 3 years ago