Alternatives and similar repositories for rootkit

Users that are interested in rootkit are comparing it to the libraries listed below

• y11en / r0ak
  r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
  ☆14Updated 6 years ago
• mponcet / subversive
  x86_64 linux rootkit using debug registers
  ☆52Updated 3 years ago
• MortenSchenk / LoadLibrary-CFG-Bypass
  Control Flow Guard bypass using LoadLibrary and IsBadCodePtr
  ☆45Updated 8 years ago
• epakskape / greenshellcode
  Green shellcode challenge tools
  ☆22Updated 6 years ago
• hatRiot / DelayLoadInject
  Code injection via delay load libraries
  ☆35Updated 7 years ago
• OsandaMalith / PESecInfo
  A simple tool to view important DLL Characteristics and change DEP and ASLR
  ☆44Updated 6 years ago
• RanchoIce / 44Con2018
  Slides of 44Con 2018
  ☆21Updated 6 years ago
• ohjeongwook / REPack
  Reverse engineering toolkit for exploit/malware analysis
  ☆35Updated 5 years ago
• bigric3 / CVE-2018-4901
  crash poc & Leak info PoC
  ☆18Updated 7 years ago
• aaaddress1 / Lexa
  Windows Application Loader Running *.Exe files in Memory against Scrylla
  ☆21Updated 5 years ago
• byck01 / KernelBugTest
  KernelBugTest
  ☆15Updated 7 years ago
• Empier / Anti-Exploit
  This project has been moved from a private repository
  ☆26Updated 7 years ago
• leonwxqian / windows-defender-nscript-loader
  A exe loader that can load NScript evaluation engine of Windows Defender/Microsft Security Essential. You can fuzz NScript by using this.…
  ☆28Updated 7 years ago
• perceptionpoint / suprotect
  Changing memory protection in an arbitrary process
  ☆47Updated 6 years ago
• NoviceLive / shellcoding
  Introduce you to shellcode development.
  ☆23Updated 9 years ago
• DissectMalware / WinNativeIO
  Using Undocumented NTDLL Functions to Read/Write/Delete File
  ☆18Updated 4 years ago
• chkyass / Freebsd-Rootkit
  Lightweight FreeBSD rootkit for stealth persistence, process hiding, and system control.
  ☆19Updated 5 years ago
• nsxz / ReflectiveELFLoader
  Code for diskless loading of ELF Shared Library using Reflective DLL Injection
  ☆53Updated 9 years ago
• zhuhuibeishadiao / exploit-RemoteDesktopServerDriver
  exploit termdd.sys(support kb4499175)
  ☆59Updated 5 years ago
• Darkabode / possessor
  User-mode part of Zerokit platform
  ☆22Updated 6 years ago
• 0xAlexei / Publications
  My conference presentations and publications
  ☆26Updated 3 years ago
• DownWithUp / CVE-2018-16712
  PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)
  ☆25Updated 6 years ago
• DownWithUp / CVE-Stockpile
  Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.
  ☆49Updated 4 years ago
• Darkabode / 0lib
  Zerokit shared code
  ☆17Updated 6 years ago
• ohjeongwook / sRDI
  ☆26Updated 7 years ago
• eLoopWoo / kernel-drivers-windows
  Modify data structures in the Windows kernel, hiding processes by PID
  ☆15Updated 7 years ago
• bnagy / raf
  Ruby ALPC Fuzzer ( joke )
  ☆24Updated 10 years ago
• humeafo / scc
  a C/C++ shellcode compiler based on llvm/clang
  ☆37Updated 9 years ago
• jacob-baines / jit_obfuscation_poc
  Using GNU lightning to generate xor deobfuscation at runtime
  ☆27Updated 7 years ago
• MortenSchenk / Privilege_Shellcode
  Kernel Shellcode to add all privileges in token
  ☆13Updated 8 years ago