Alternatives and similar repositories for WALKWHISPER:

Users that are interested in WALKWHISPER are comparing it to the libraries listed below

• peiga / DumpThatLSASS
  Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation
  ☆30Updated 2 years ago
• Pascal-0x90 / sideloadr
  Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).
  ☆53Updated 2 years ago
• mgeeky / CustomXMLPart
  A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.
  ☆36Updated 2 years ago
• aleemladha / wazuh_server_install
  Installing wazuh SIEM Unified XDR and SIEM protection
  ☆21Updated 3 weeks ago
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆39Updated 6 months ago
• 0xv1n / Havoc-ProfileGenerator
  malleable profile generator GUI for Havoc
  ☆56Updated last year
• pracsec / AmsiScanner
  A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.
  ☆58Updated last year
• ps1337 / Lastenzug
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆25Updated 2 years ago
• outflanknl / Training-MSOfficeOffensiveTradecraft
  Info related to the Outflank training: Microsoft Office Offensive Tradecraft
  ☆51Updated 8 months ago
• Bl4ckM1rror / PEAs
  ☆58Updated last year
• Octoberfest7 / Presentations
  Slide decks and/or materials from conference presentations
  ☆55Updated 2 years ago
• mttaggart / quasar
  quASAR: ASAR manipulation made easy
  ☆24Updated 2 years ago
• dobin / ace-firefist
  Attack chain emulator. Write recipes for initial access easily
  ☆20Updated last year
• OffenseTeacher / Steganim
  ☆47Updated last year
• deepinstinct / AMSI-Unchained
  Unchain AMSI by patching the provider’s unmonitored memory space
  ☆88Updated 2 years ago
• CaptainNox / Hypnos
  A more reliable way of resolving syscall numbers in Windows
  ☆50Updated 11 months ago
• rvrsh3ll / DInjector
  Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL
  ☆20Updated 2 years ago
• EvilBytecode / Lifetime-AmsiBypass
  Lifetime AMSI bypass.
  ☆35Updated 7 months ago
• MaorSabag / Paruns-Fart
  Just another ntdll unhooking using Parun's Fart technique
  ☆73Updated last year
• rtfmkiesel / loldrivers-client
  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
  ☆82Updated 11 months ago
• Teach2Breach / dev
  maldev obviously
  ☆25Updated 7 months ago
• SafeBreach-Labs / MagicDot
  A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
  ☆96Updated 9 months ago
• Slowerzs / CryptDecryptMemory
  ☆29Updated last month
• FuzzySecurity / WWHF-WayWest-2022
  ☆38Updated 2 years ago
• itaymigdal / PichichiH0ll0wer
  Nim process hollowing loader
  ☆49Updated 5 months ago
• inb1ts / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆39Updated last year
• nickzer0 / RagingRotator
  A tool for carrying out brute force attacks against Office 365, with built in IP rotation use AWS gateways.
  ☆74Updated 7 months ago
• rkbennett / pybof
  Python module for running BOFs
  ☆64Updated last year
• ScriptIdiot / SysmonQuiet
  RDLL for Cobalt Strike beacon to silence sysmon process
  ☆87Updated 2 years ago
• susMdT / fictional-invention
  idk man this was the default github name
  ☆35Updated last year