Alternatives and similar repositories for monomorph:

Users that are interested in monomorph are comparing it to the libraries listed below

• winterknife / PINKPANTHER
  Windows x64 handcrafted token stealing kernel-mode shellcode
  ☆507Updated last year
• netspooky / xx
  The xx file format. Turn your hex dumps into art, then into binary data.
  ☆339Updated last year
• arget13 / DDexec
  A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.
  ☆830Updated last month
• akamai / akamai-security-research
  This repository includes code and IoCs that are the product of research done in Akamai's various security research teams.
  ☆498Updated 4 months ago
• citronneur / pamspy
  Credentials Dumper for Linux using eBPF
  ☆1,135Updated 7 months ago
• Idov31 / Venom
  Venom is a library that meant to perform evasive communication using stolen browser socket
  ☆380Updated last year
• optiv / Mangle
  Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
  ☆1,198Updated last year
• mborgerson / mdec
  Decompilation as a Service. Explore multiple decompilers and compare their output with minimal effort. Upload binary, get decompilation.
  ☆455Updated 2 years ago
• nnsee / fileless-elf-exec
  Execute ELF files without dropping them on disk
  ☆491Updated 9 months ago
• Kudaes / Elevator
  UAC bypass by abusing RPC and debug objects.
  ☆614Updated last year
• netspooky / golfclub
  Binary Golf Examples and Resources
  ☆252Updated 9 months ago
• Idov31 / FunctionStomping
  Shellcode injection technique. Given as C++ header, standalone Rust program or library.
  ☆696Updated last year
• magicsword-io / LOLDrivers
  Living Off The Land Drivers
  ☆1,153Updated 3 weeks ago
• Wack0 / CVE-2022-21894
  baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability
  ☆324Updated last year
• persistence-info / persistence-info.github.io
  ☆489Updated last year
• wavestone-cdt / EDRSandblast
  ☆1,634Updated 7 months ago
• hasherezade / hollows_hunter
  Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…
  ☆2,148Updated 3 weeks ago
• Idov31 / Cronos
  PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.
  ☆582Updated last year
• krisnova / boopkit
  Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
  ☆1,606Updated last year
• hasherezade / mal_unpack
  Dynamic unpacker based on PE-sieve
  ☆725Updated last month
• JuliaPoo / Artfuscator
  A C compiler targeting an artistically pleasing nightmare for reverse engineers
  ☆1,054Updated 2 years ago
• packing-box / awesome-executable-packing
  A curated list of awesome resources related to executable packing
  ☆1,315Updated 3 weeks ago
• binref / refinery
  High Octane Triage Analysis
  ☆722Updated this week
• h3xduck / TripleCross
  A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
  ☆1,838Updated last year
• optiv / Freeze
  Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
  ☆1,437Updated last year
• anvilsecure / ulexecve
  ulexecve is a userland execve() implementation which helps you execute arbitrary ELF binaries on Linux from userland without the binaries…
  ☆185Updated last year
• lkarlslund / ldapnomnom
  Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (c…
  ☆1,030Updated 5 months ago
• blasty / lexmark
  ☆203Updated 5 months ago
• cyberark / PipeViewer
  A tool that shows detailed information about named pipes in Windows
  ☆620Updated 5 months ago
• hardenedvault / bootkit-samples
  Bootkit sample for firmware attack
  ☆248Updated 4 months ago