Alternatives and similar repositories for duckcafe

Users that are interested in duckcafe are comparing it to the libraries listed below

• huoji120 / white_patch_detect
  通杀检测基于白文件patch黑代码的免杀技术的后门
  ☆169Updated 11 months ago
• huoji120 / APT_Step_Bear_Inject
  复现《EDR的梦魇：Storm-0978使用新型内核注入技术“Step Bear”》
  ☆137Updated 8 months ago
• Ryze-T / EdrKiller
  ☆91Updated 4 years ago
• huoji120 / DuckSysEye
  SysEye是一个window上的基于att&ck现代EDR设计思想的威胁响应工具.有效检测常见的未知威胁与已知威胁.防守方的利剑
  ☆63Updated 2 years ago
• Rvn0xsy / j2osWin
  ☆155Updated last year
• bestspear / SharkOne
  Cobalt Strike 二开项目
  ☆184Updated 2 years ago
• M0nster3 / RpcsDemo
  关于RPC一些绕EDR的tips
  ☆188Updated 2 years ago
• yj94 / Anti-Sandbox
  ☆66Updated 11 months ago
• evilashz / PigScheduleTask
  添加计划任务方法集合
  ☆295Updated last year
• seventeenman / noELF
  Linux下用于远程加载可执行文件以达到内存加载的目的
  ☆202Updated 2 years ago
• 1y0n / AVKiller
  一种通过进程注入实现强制关闭部分杀软进程的方法（以360安全卫士和360杀毒为例）
  ☆135Updated last year
• NanoWraith / BlindEdr
  A Blind EDR Project for Educational Purposes
  ☆40Updated 6 months ago
• baimao-box / Self-Defective-Program
  无Windows API的新型恶意程序：自缺陷程序利用堆栈溢出的隐匿稳定攻击技术研究，A new type of malicious program without Windows API
  ☆86Updated 3 months ago
• xzxxzzzz000 / impacket-programming-manual
  impacket编程手册
  ☆105Updated last year
• dust-life / run_pe
  ☆50Updated 3 years ago
• huoji120 / CobaltStrikeDetected
  40行代码检测到大部分CobaltStrike的shellcode
  ☆288Updated 3 years ago
• Rvn0xsy / GetWindowsCredentials
  通过WindowsAPI获取用户凭证，并保存到文件中
  ☆194Updated last year
• clownfive / CppDevShellcode
  使用Visral Studio开发ShellCode
  ☆208Updated last year
• evilashz / Visual-Studio-BOF-template
  more conveniently Visual-Studio-BOF-template
  ☆66Updated last year
• c1y2m3 / SimpleShellcode
  利用图片隐写术来远程动态加载shellcode
  ☆96Updated 2 years ago
• Rvn0xsy / SchtaskCreator
  远程创建任务计划工具
  ☆188Updated 3 years ago
• bestspear / ReBeacon_ForClang
  Beacon compiled using clang
  ☆70Updated 2 years ago
• NoOne-hub / Beacon.dll
  Beacon.dll reverse
  ☆140Updated 3 years ago
• Neo-Maoku / Shellcode_Generator
  IDA Python script for generating Windows x86 shellcode with one click
  ☆37Updated last year
• y11en / schtask-bypass
  免杀计划任务进行权限维持，过主流杀软。 A schtask tool bypass anti-virus
  ☆68Updated 2 years ago
• akkuman / EvilEye
  A BeaconEye implement in Golang. It is used to detect the cobaltstrike beacon from memory and extract some configuration.
  ☆161Updated 2 years ago
• ac0d3r / 0xpe
  [windows]pe -> shellcode -> shellcodeLoader -> (pe2shellcode go on?)
  ☆77Updated 3 years ago
• Sndav / coffee
  Coffee is a loader for ELF (Executable and Linkable Format) object files written in Rust. Coffee是一个用Rust语言编写的ELF object文件的加载器
  ☆62Updated last year
• v0id-re / go-smash
  Obfuscate go binaries. 混淆 go 二进制文件中的函数名
  ☆50Updated 3 years ago
• 4ra1n / java-gate
  Java JNI HellsGate/HalosGate/TartarusGate/RecycledGate/SSN Syscall/Many Shellcode Loaders
  ☆196Updated 2 years ago