Alternatives and similar repositories for Malcrow

Users that are interested in Malcrow are comparing it to the libraries listed below

• moval0x1 / NoDelete
  NoDelete is a tool that assists in malware analysis by locking a folder where malware drops files before deleting them.
  ☆48Updated 10 months ago
• magicsword-io / LOLBASline
  Baseline a Windows System against LOLBAS
  ☆69Updated last year
• thinkst / defending-off-the-land
  Assortment of scripts and tools for our Blackhat EU 2024 talk
  ☆100Updated 9 months ago
• jonny-jhnson / PowerParse
  PowerShell PE Parser
  ☆64Updated last year
• tstromberg / sunlight
  Linux #rootkit and #malware revealer
  ☆28Updated last year
• SafeBreach-Labs / DoubleDrive
  A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files
  ☆127Updated last year
• MatheuZSecurity / detect-lkm-rootkit-cheatsheet
  Cheat sheet to detect and remove linux kernel rootkit
  ☆74Updated 11 months ago
• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆91Updated last year
• dr4k0nia / tooling-playground
  A collection of small scripts and tools for deobfuscation and malware analysis.
  ☆66Updated 2 years ago
• olafhartong / PockETWatcher
  a tiny program to consume from ETW providers for research
  ☆53Updated 10 months ago
• eversinc33 / TriageMCP
  Vibe Malware Triage - MCP server for static PE analysis.
  ☆72Updated 6 months ago
• MazX0p / CobaltSentry
  ☆24Updated 9 months ago
• krdmnbrk / atomicgen.io
  A simple tool designed to create Atomic Red Team tests with ease.
  ☆48Updated 8 months ago
• reecdeep / hollowise
  Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …
  ☆39Updated 9 months ago
• BlackSnufkin / CheckPlz
  Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.
  ☆33Updated 10 months ago
• itaymigdal / PowerDodder
  Persist like a Dodder
  ☆66Updated 6 months ago
• rad9800 / PMD
  ☆154Updated 6 months ago
• lkarlslund / nifo
  Nuke It From Orbit - remove AV/EDR with physical access
  ☆271Updated 11 months ago
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆78Updated last year
• ArtemBaranov / WindowsRootkitsGuide
  ☆71Updated 9 months ago
• reecdeep / segugio
  Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…
  ☆150Updated last year
• D4RK-R4BB1T / BlackBasta-Chats
  ☆49Updated 8 months ago
• LOTTunnels / LOTTunnels.github.io
  ☆111Updated 4 months ago
• jstrosch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆54Updated 11 months ago
• ANSSI-FR / orc2timeline
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆34Updated 4 months ago
• DebugPrivilege / OpenProject
  A practical resource on using open-source tools for Incident Response. This repo shares workflows, tool setups, and steps for responding …
  ☆37Updated last year
• Antonlovesdnb / ConstructingDefenseLab
  Ludus range for the Constructing Defense Lab
  ☆64Updated last week
• jonny-jhnson / ETWInspector
  ☆180Updated 6 months ago
• rapid7 / Rapid7-Labs
  Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…
  ☆73Updated 5 months ago
• LOLESXi-Project / LOLESXi
  LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…
  ☆133Updated last month