Alternatives and similar repositories for Evil-Go:

Users that are interested in Evil-Go are comparing it to the libraries listed below

• EvilBytecode / Nyx-Full-Dll-Unhook
  (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.
  ☆18Updated 2 weeks ago
• EvilBytecode / Keylogger
  Go keylogger for Windows, logging keyboard input to a file using Windows API functions, and it is released under the Unlicense.
  ☆24Updated 2 weeks ago
• EvilBytecode / GoEvilDocs
  Malware development in Go, learn today, anti dynamic analysis & Static & sandboxes.
  ☆11Updated 2 weeks ago
• EvilBytecode / Amsi-Patch-Updated-2025
  How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.
  ☆13Updated 2 weeks ago
• EvilBytecode / ThunderKitty-Ransomware
  Ransomware written in go, encrypt - decrypt.
  ☆20Updated last week
• EvilBytecode / RubyRedOps
  💎 | RubyRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Ruby
  ☆9Updated 2 weeks ago
• SkarSys / SkarCrypter
  Crypter/Stub/Downloader for payloads and malware, bypassing all AV and achiving a score of 0/60 detections on virus total
  ☆9Updated last year
• MpCmdRun / 0x0-Crypter
  A Free Open sourced crypter that builds a output .NET .exe Stub (Updated whenever I feel like it)
  ☆13Updated this week
• ELMERIKH / Beryl
  Payload Dropper with Persistance & Privesc & UAC bypass 🐱‍👤
  ☆13Updated last year
• EvilBytecode / PPID-Spoofing
  Parent Process ID Spoofing, coded in CGo.
  ☆21Updated 2 weeks ago
• C5Hackr / ARM64_AmsiPatch
  ☆17Updated 2 months ago
• EvilBytecode / Ntdll-Unhook
  Unhook Ntdll.dll, Go & C++.
  ☆21Updated 2 weeks ago
• Fadi002 / MalwareInvestigation
  reverse engineering random malwares
  ☆23Updated 3 months ago
• redskal / obfuscatxor
  Near compile-time string obfuscation for Golang
  ☆13Updated last year
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆24Updated 7 months ago
• gemini-security / GithubC2
  ☆28Updated last year
• zer1t0 / keydump
  Dump Linux keyrings
  ☆19Updated 9 months ago
• S12cybersecurity / NinjaInjector
  Classic Process Injection with Memory Evasion Techniques implemantation
  ☆69Updated last year
• m7rick / Havoc-DLLHijack
  A tool to assist DLL hijacking via the Havoc GUI
  ☆13Updated last year
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆32Updated last year
• Offensive-Panda / .NET_PROFILER_DLL_LOADING
  .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…
  ☆41Updated 9 months ago
• S12cybersecurity / PDFTypeSpoofing
  PDF Icon File Type Spoofer
  ☆14Updated 9 months ago
• EvilBytecode / SsnRetrieval
  Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…
  ☆11Updated 2 weeks ago
• Idov31 / NidhoggCSharpApi
  C# API for Nidhogg rootkit
  ☆17Updated last year
• EvilBytecode / EDR-XDR-AV-Bypass-Shellcode-Loader
  Bypassing Major EDR's with staged shellcode, custom getmodulehandleW and getprocaddress, veh syscalls & more.
  ☆18Updated 2 weeks ago
• syncwithali / HavocExploit
  A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc.
  ☆35Updated last year
• Mazzy-Stars / lain_c2
  command control framework
  ☆21Updated 3 weeks ago
• knight0x07 / NailaoLoader-Hiding-Execution-Flow
  NailaoLoader: Hiding Execution Flow via Patching
  ☆20Updated 2 months ago
• reveng007 / reveng_loader
  C# loader capable of running stage-1 from remote url, file path as well as file share
  ☆16Updated 2 years ago
• Und3rf10w / CobaltStrikeBOFs
  Beacon Object Files used for Cobalt Strike
  ☆18Updated last year