Alternatives and similar repositories for eBPFStudio:

Users that are interested in eBPFStudio are comparing it to the libraries listed below

• zodiacon / VerifierDLL
  Example of building an application verifer DLL
  ☆45Updated 10 months ago
• 0xlane / com-process-inject
  Process Injection via Component Object Model (COM) IRundown::DoCallback().
  ☆58Updated 2 years ago
• wwh1004 / AmsiBypassUacDetector
  Detect BypassUAC using AMSI
  ☆22Updated last month
• zodiacon / winnativeapibooksamples
  Samples from my book Windows Native API programming
  ☆60Updated last week
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆89Updated 2 years ago
• baiyies / CrossInject
  32 bit process inject shellcode to 32 bit process and 64 bit process
  ☆29Updated last year
• OxNinja / C-VM
  My try to implement a virtual CPU in C
  ☆19Updated last year
• jdu2600 / CFG-FindHiddenShellcode
  Walks the CFG bitmap to find previously executable but currently hidden shellcode regions
  ☆112Updated last year
• je5442804 / CreateProcessInternalW-Full
  Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post
  ☆56Updated 6 months ago
• zodiacon / RemoteThreadDetection
  Remote Thread Detection with a Kernel Driver
  ☆29Updated 2 months ago
• Coldzer0 / TinyPDBParser
  Windows PDB Parser using Imagehlp library.
  ☆16Updated 2 years ago
• D0pam1ne705 / Direct-NtCreateUserProcess
  Call NtCreateUserProcess directly as normal.
  ☆68Updated 2 years ago
• ReCryptLLC / CVE-2022-42045
  ☆37Updated last year
• jseclab / obj2shellcode
  shellcode生成框架
  ☆84Updated 8 months ago
• repnz / rpcmon
  RPC Monitor based on The ETW Microsoft-Windows-Rpc provider
  ☆24Updated 5 years ago
• evilashz / PigSyscall
  An implementation of an indirect system call
  ☆123Updated last year
• hid3rx / GhostWriting
  ☆30Updated last year
• joaoviictorti / coffeeldr
  A COFF Loader written in Rust
  ☆63Updated this week
• MahmoudZohdy / APICallProxy
  Windows API Call Obfuscation
  ☆99Updated 2 years ago
• hamflx / forward-dll
  DLL 转发工具方法。
  ☆51Updated last year
• The-Z-Labs / cli4bofs
  Command line interface for (running) BOFs
  ☆43Updated this week
• tandasat / CVE-2022-25949
  A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.
  ☆38Updated 3 years ago
• crisprss / Extracted_WD_VDM
  Windows Defender VDM lua collections
  ☆47Updated 2 years ago
• st4ckh0und / hook-buster
  A compact tool for detecting AV/EDR hooks in default Windows libraries.
  ☆31Updated 2 years ago
• gerhart01 / Hyper-V-Tools
  Different tools for Microsoft Hyper-V researching
  ☆49Updated 9 months ago
• securedglobe / PersistantService
  A persistant Windows Service Proof of Concept, where the Service will run after Restart or Shutdown, and invoke a given software executab…
  ☆38Updated last year
• zodiacon / WinEventHooks
  SetWinEventHook Sample
  ☆46Updated last year
• hasherezade / shellc_encoder
  Standalone Metasploit-like XOR encoder for shellcode
  ☆47Updated 10 months ago
• huoji120 / Etw-Syscall
  https://key08.com/index.php/2021/10/19/1375.html
  ☆66Updated 2 years ago
• m417z / LdrDllNotificationHook
  Hook all callbacks which are registered with LdrRegisterDllNotification
  ☆85Updated 2 years ago