Alternatives and similar repositories for sharem

Users that are interested in sharem are comparing it to the libraries listed below

• Unprotect-Project / Unprotect_Submission
  Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…
  ☆192Updated 2 weeks ago
• Faran-17 / Windows-Internals
  Important notes and topics on my journey towards mastering Windows Internals
  ☆409Updated last year
• trailofbits / RpcInvestigator
  Exploring RPC interfaces on Windows
  ☆330Updated last year
• forrest-orr / moneta
  Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs
  ☆774Updated last year
• TakahiroHaruyama / VDR
  Vulnerable driver research tool, result and exploit PoCs
  ☆217Updated last year
• jstrosch / sclauncher
  A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …
  ☆163Updated last year
• pathtofile / Sealighter
  Sysmon-Like research tool for ETW
  ☆365Updated 2 years ago
• c3rb3ru5d3d53c / binlex
  A Binary Genetic Traits Lexer Framework
  ☆516Updated last month
• rajiv2790 / FalconEye
  ☆300Updated 4 years ago
• zeze-zeze / ioctlance
  A tool that is used to hunt vulnerabilities in x64 WDM drivers
  ☆402Updated last week
• hasherezade / process_overwriting
  Yet another variant of Process Hollowing
  ☆419Updated 2 months ago
• daem0nc0re / VectorKernel
  PoCs for Kernelmode rootkit techniques research.
  ☆406Updated 3 weeks ago
• ElliotKillick / operating-system-design-review
  Operating System Design Review: A systematic analysis of modern systems architecture
  ☆324Updated 7 months ago
• frank2 / packer-tutorial
  A tutorial on how to write a packer for Windows!
  ☆292Updated last year
• deepinstinct / Dirty-Vanity
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆658Updated 2 years ago
• dobin / RedEdr
  Collect Windows telemetry for Maldev
  ☆421Updated last week
• commial / experiments
  Expriments
  ☆468Updated last year
• Dec0ne / HWSyscalls
  HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
  ☆693Updated 2 years ago
• daem0nc0re / AtomicSyscall
  Tools and PoCs for Windows syscall investigation.
  ☆362Updated 3 months ago
• OALabs / hashdb
  Assortment of hashing algorithms used in malware
  ☆379Updated last month
• ExaTrack / Kdrill
  Python tool to check rootkits in Windows kernel
  ☆201Updated last month
• Cracked5pider / LdrLibraryEx
  A small x64 library to load dll's into memory.
  ☆450Updated last year
• hasherezade / mal_unpack
  Dynamic unpacker based on PE-sieve
  ☆768Updated 2 weeks ago
• klezVirus / SilentMoonwalk
  PoC Implementation of a fully dynamic call stack spoofer
  ☆840Updated last year
• mandiant / xrefer
  FLARE Team's Binary Navigator
  ☆280Updated 2 months ago
• struppigel / hedgehog-tools
  ☆113Updated 2 months ago
• rad9800 / TamperingSyscalls
  ☆492Updated 3 years ago
• thefLink / Hunt-Sleeping-Beacons
  Aims to identify sleeping beacons
  ☆630Updated 9 months ago
• yardenshafir / WinDbg_Scripts
  Useful scripts for WinDbg using the debugger data model
  ☆421Updated last year
• br-sn / CheekyBlinder
  Enumerating and removing kernel callbacks using signed vulnerable drivers
  ☆581Updated 2 years ago