Alternatives and similar repositories for BehavEye

Users that are interested in BehavEye are comparing it to the libraries listed below

• EvilBytecode / EByte-Ransomware
  Go ransomware leveraging ChaCha20 and ECIES encryption with a web-based control panel.
  ☆39Updated 3 months ago
• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆73Updated last year
• KingKDot / PowerCrypt
  The best powershell obfuscator ever made
  ☆109Updated last week
• itaymigdal / PichichiH0ll0wer
  Nim process hollowing loader
  ☆59Updated 2 weeks ago
• ZeroMemoryEx / URootkit
  simple user-mode Rootkit
  ☆104Updated 2 years ago
• buzzer-re / Shinigami
  A dynamic unpacking tool
  ☆137Updated last year
• MalwareTech / HiddenDesktop
  Create and enumerate hidden desktops.
  ☆90Updated last year
• lewiswigmore / Virus.xcheck
  Virus.xcheck is a Python tool designed to bulk verify the existence of file hashes in the Virus Exchange database and fetch download URLs…
  ☆55Updated 4 months ago
• IntelBroker / Endurance-Wiper
  a small wiper malware programmed in c#
  ☆59Updated 2 years ago
• FourCoreLabs / TrustedInstallerPOC
  A simple go Proof of Concept to start a new shell as TrustedInstaller
  ☆58Updated last year
• x86byte / LummaC2-Stealer
  LummaC2 extracted binaries by reversing & LummaC2 Stealer Analysis
  ☆78Updated 5 months ago
• NUL0x4C / GP
  using the gpu to hide your payload
  ☆59Updated 2 years ago
• EvilBytecode / ThunderKitty-Ransomware
  Ransomware written in go, encrypt - decrypt.
  ☆26Updated 3 months ago
• fcccode / Vx-Engines
  Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware
  ☆30Updated 5 years ago
• SleepTheGod / Windows-Atom-Table-Hijacking
  A privilege escalation vulnerability exists in Windows due to a flaw in the implementation of the Atom Table. An attacker could exploit t…
  ☆28Updated 10 months ago
• frkngksl / UnlinkDLL
  DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
  ☆57Updated last year
• knight0x07 / DarkGate-Install-Script-via-DNS-TXT-Record
  PoC showcasing new DarkGate Install Script retrieval technique via DNS TXT Record
  ☆42Updated last year
• CarlosG13 / Process-Hypnosis-Debugger-assisted-control-flow-hijack
  ☆38Updated last year
• hackerhouse-opensource / WMIProcessWatcher
  A CIA tradecraft technique to asynchronously detect when a process is created using WMI.
  ☆135Updated last year
• ngn13 / shrk
  LKM rootkit for modern kernels, with DNS C2 and a simple web interface
  ☆72Updated 3 weeks ago
• 0xflux / Rust-Hells-Gate
  Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust
  ☆63Updated last year
• micREsoft / SysCaller
  Windows syscall SDK with dynamic offset resolution, validation, obfuscation, and multi language bindings. Bypass API hooks across differe…
  ☆37Updated this week
• vatsalgupta67 / Process-Hollowing
  Red Team Operation's Defense Evasion Technique.
  ☆54Updated last year
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆110Updated last year
• lsecqt / BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero
  ☆38Updated last year
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆42Updated 10 months ago
• dr4k0nia / tooling-playground
  A collection of small scripts and tools for deobfuscation and malware analysis.
  ☆66Updated 2 years ago
• knight0x07 / BumbleCrypt
  A Bumblebee-inspired Crypter
  ☆79Updated 2 years ago
• hdks-bug / hermit
  A command and control framework.
  ☆52Updated 7 months ago
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆88Updated 2 months ago