Alternatives and similar repositories for InviZzzible

Users that are interested in InviZzzible are comparing it to the libraries listed below

• hasherezade / mal_unpack
  Dynamic unpacker based on PE-sieve
  ☆730Updated last month
• marcosd4h / memhunter
  Live hunting of code injection techniques
  ☆382Updated 5 years ago
• OALabs / BlobRunner
  Quickly debug shellcode extracted during malware analysis
  ☆603Updated last year
• SafeBreach-Labs / pinjectra
  Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)
  ☆811Updated 3 years ago
• CheckPointSW / Evasions
  Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into ca…
  ☆405Updated 10 months ago
• JusticeRage / Manalyze
  A static analyzer for PE executables.
  ☆1,063Updated last year
• hasherezade / bearparser
  Portable Executable parsing library (from PE-bear)
  ☆658Updated 2 weeks ago
• eclypsium / Screwed-Drivers
  "Screwed Drivers" centralized information source for code references, links, etc.
  ☆356Updated 5 years ago
• conix-security / zer0m0n
  zer0m0n driver for cuckoo sandbox
  ☆360Updated 9 years ago
• hasherezade / demos
  Demos of various injection techniques found in malware
  ☆791Updated 3 years ago
• theevilbit / injection
  ☆813Updated 5 years ago
• secrary / makin
  makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]
  ☆741Updated 6 years ago
• AlicanAkyol / sems
  Virtualbox, VirtualMachine, Cuckoo, Anubis, ThreatExpert, Sandboxie, QEMU, Analysis Tools Detection Tools
  ☆451Updated 6 years ago
• JLospinoso / gargoyle
  A memory scanning evasion technique
  ☆865Updated 7 years ago
• D4stiny / PeaceMaker
  PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware.
  ☆420Updated 4 years ago
• therealdreg / anticuckoo
  A tool to detect and crash Cuckoo Sandbox
  ☆293Updated 9 months ago
• hasherezade / process_doppelganging
  My implementation of enSilo's Process Doppelganging (PE injection technique)
  ☆609Updated 2 years ago
• mandiant / capa-rules
  Standard collection of rules for capa: the tool for enumerating the capabilities of programs
  ☆579Updated last month
• hasherezade / tiny_tracer
  A Pin Tool for tracing API calls etc
  ☆1,421Updated 2 weeks ago
• carbonblack / binee
  Binee: binary emulation environment
  ☆517Updated 2 years ago
• d35ha / CallObfuscator
  Obfuscate specific windows apis with different apis
  ☆999Updated 4 years ago
• CERT-Polska / malduck
  Malduck is your ducky companion in malware analysis journeys
  ☆331Updated last week
• D4stiny / spectre
  A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine.
  ☆701Updated 4 years ago
• a0rtega / metame
  metame is a metamorphic code engine for arbitrary executables
  ☆581Updated 5 years ago
• doomedraven / Tools
  Combination of different utilities, have fun!
  ☆213Updated last year
• hatching / vmcloak
  Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.
  ☆498Updated 11 months ago
• hasherezade / libpeconv
  A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
  ☆1,217Updated 2 months ago
• fox-it / mkYARA
  Generating YARA rules based on binary code
  ☆210Updated 3 years ago
• hfiref0x / VMDE
  Source from VMDE paper, adapted to 2015
  ☆182Updated 7 years ago
• unipacker / unipacker
  Automatic and platform-independent unpacker for Windows binaries based on emulation
  ☆693Updated 7 months ago