Alternatives and similar repositories for malware-practices

Users that are interested in malware-practices are comparing it to the libraries listed below

• mlcsec / proctools
  Small toolkit for extracting information and dumping sensitive strings from Windows processes
  ☆115Updated last year
• 0xTriboulet / Red_Team_Code_Snippets
  random code snippets, useful for getting started
  ☆123Updated last month
• Maldev-Academy / CodeSearchDemo
  ☆41Updated last year
• SaadAhla / IP-Hunter
  Hunt for C2 servers and phishing web sites using VirusTotal API , you can modify code to kill the malicious process
  ☆73Updated last year
• pwnsauc3 / RWXfinder
  The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section
  ☆110Updated 2 years ago
• ZeroMemoryEx / Bypass-Sandbox-Evasion
  Bypass Malware Sandbox Evasion Ram check
  ☆141Updated 3 years ago
• CodeXTF2 / HavocNotion
  A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …
  ☆91Updated 3 years ago
• efchatz / bypassing-av-detection
  Bypassing antivirus detection: old-school malware, new tricks
  ☆67Updated 2 years ago
• hackerhouse-opensource / CompMgmtLauncher_DLL_UACBypass
  CompMgmtLauncher & Sharepoint DLL Search Order hijacking UAC/persist via OneDrive
  ☆109Updated 2 years ago
• jakabakos / CVE-2023-36884-MS-Office-HTML-RCE
  MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit
  ☆41Updated 2 years ago
• Cerbersec / notes
  Resources and articles I need to take a look at. Mostly about malware/exploit development and analysis.
  ☆86Updated 3 years ago
• 0xHossam / APT-Attack-Simulation
  Projected developed for fun only that simulates APT 29 and Lockbit TTPs, showcasing phishing, ISO execution, and DLL proxying for persist…
  ☆62Updated last year
• knight0x07 / WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
  Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)
  ☆40Updated 2 years ago
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆70Updated last year
• gatariee / Winton
  Command and Control (C2) framework
  ☆132Updated 7 months ago
• ghostpepper108 / Evasion
  ☆107Updated 2 years ago
• naksyn / ProcessStomping
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆148Updated 2 years ago
• 0xsp-SRD / 0xsp.com
  a variety of tools,scripts and techniques developed and shared with different programming languages by 0xsp Lab
  ☆64Updated last year
• dmcxblue / calc_poc
  A repository holding Proof of Concepts for executing the calculator application via different file formats
  ☆42Updated last year
• trevorsaudi / Zero-Import-Malware
  Small project looking into how we can build malware with zero-imports by dynamically resolving windows APIs using GetProcAddress and GetM…
  ☆40Updated 2 years ago
• lem0nSec / KBlast
  Basic interactive Windows kernel offensive toolkit written in C
  ☆135Updated 3 months ago
• georgesotiriadis / MalwareDev
  ☆85Updated 3 years ago
• ASP4RUX / bypassEDR-AV
  ☆59Updated last year
• flostyen / windows-persistence
  Windows Persistence IT-Security
  ☆108Updated 10 months ago
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆123Updated last week
• sfewer-r7 / CVE-2023-34362
  CVE-2023-34362: MOVEit Transfer Unauthenticated RCE
  ☆64Updated last year
• MultSec / MultCheck
  Identifies bad bytes from static analysis with any Anti-Virus scanner.
  ☆128Updated last year
• MythicC2Profiles / http
  Simple HTTP async comms using standard GET/POST requests
  ☆46Updated 2 months ago
• synacktiv / DLHell
  Local & remote Windows DLL Proxying
  ☆169Updated last year
• unkvolism / Fuck-Etw
  Bypass the Event Trace Windows(ETW) and unhook ntdll.
  ☆115Updated 2 years ago