Alternatives and similar repositories for sharem

Users that are interested in sharem are comparing it to the libraries listed below

• Unprotect-Project / Unprotect_Submission
  Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…
  ☆202Updated 3 months ago
• Faran-17 / Windows-Internals
  Important notes and topics on my journey towards mastering Windows Internals
  ☆419Updated last year
• trailofbits / RpcInvestigator
  Exploring RPC interfaces on Windows
  ☆343Updated last year
• zeze-zeze / ioctlance
  A tool that is used to hunt vulnerabilities in x64 WDM drivers
  ☆422Updated last month
• dobin / RedEdr
  Collect Windows telemetry for Maldev
  ☆449Updated 2 months ago
• forrest-orr / moneta
  Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs
  ☆798Updated last year
• ElliotKillick / operating-system-design-review
  Operating System Design Review: A systematic analysis of modern systems architecture
  ☆336Updated this week
• jstrosch / sclauncher
  A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …
  ☆167Updated last year
• TakahiroHaruyama / VDR
  Vulnerable driver research tool, result and exploit PoCs
  ☆225Updated 2 years ago
• pathtofile / Sealighter
  Sysmon-Like research tool for ETW
  ☆381Updated 3 years ago
• daem0nc0re / VectorKernel
  PoCs for Kernelmode rootkit techniques research.
  ☆425Updated 2 months ago
• frank2 / packer-tutorial
  A tutorial on how to write a packer for Windows!
  ☆302Updated 2 years ago
• hasherezade / mal_unpack
  Dynamic unpacker based on PE-sieve
  ☆791Updated 4 months ago
• deepinstinct / Dirty-Vanity
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆671Updated 3 years ago
• c3rb3ru5d3d53c / binlex
  A Binary Genetic Traits Lexer Framework
  ☆520Updated 5 months ago
• OALabs / hashdb
  Assortment of hashing algorithms used in malware
  ☆387Updated 2 months ago
• Cracked5pider / LdrLibraryEx
  A small x64 library to load dll's into memory.
  ☆454Updated 2 years ago
• hasherezade / process_overwriting
  Yet another variant of Process Hollowing
  ☆425Updated 5 months ago
• rajiv2790 / FalconEye
  ☆305Updated 4 years ago
• daem0nc0re / AtomicSyscall
  Tools and PoCs for Windows syscall investigation.
  ☆367Updated last month
• klezVirus / SilentMoonwalk
  PoC Implementation of a fully dynamic call stack spoofer
  ☆886Updated last year
• thefLink / Hunt-Sleeping-Beacons
  Aims to identify sleeping beacons
  ☆650Updated 3 weeks ago
• Dec0ne / HWSyscalls
  HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
  ☆716Updated 2 years ago
• itaymigdal / awesome-injection
  Centralized resource for listing and organizing known injection techniques and POCs
  ☆665Updated 3 weeks ago
• roadwy / DefenderYara
  Extracted Yara rules from Windows Defender mpavbase and mpasbase
  ☆484Updated 3 weeks ago
• mandiant / STrace
  A DTrace on Windows Reimplementation
  ☆369Updated 3 months ago
• daem0nc0re / TangledWinExec
  PoCs and tools for investigation of Windows process execution techniques
  ☆954Updated this week
• frkngksl / Shoggoth
  Shoggoth: Asmjit Based Polymorphic Encryptor
  ☆771Updated last year
• 0xflux / Sanctum
  Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antiv…
  ☆483Updated this week
• yardenshafir / WinDbg_Scripts
  Useful scripts for WinDbg using the debugger data model
  ☆427Updated last year