Alternatives and similar repositories for MalwareInvestigation

Users that are interested in MalwareInvestigation are comparing it to the libraries listed below

• cbrnrd / maliketh
  🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python
  ☆45Updated last year
• Idov31 / NidhoggCSharpApi
  C# API for Nidhogg rootkit
  ☆19Updated last year
• cod3nym / Deobfuscar
  A simple commandline application to automatically decrypt strings from Obfuscator protected binaries
  ☆47Updated last year
• EvilBytecode / SsnRetrieval
  Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…
  ☆12Updated 6 months ago
• JayGLXR / MacOS-Stealer-in-Rust
  MacOS Stealer written in Rust. For Legal and Ethical Research Purposes Only.
  ☆20Updated 9 months ago
• S12cybersecurity / NinjaInjector
  Classic Process Injection with Memory Evasion Techniques implemantation
  ☆73Updated 2 years ago
• hasherezade / shellc_encoder
  Standalone Metasploit-like XOR encoder for shellcode
  ☆50Updated last year
• moom825 / XenoStealer
  ☆49Updated last year
• ahkeur / VEH2
  A Patchless AMSI Bypass Technique using VEH²
  ☆29Updated 4 months ago
• C5Hackr / Segment-Encryption
  ☆26Updated last year
• C5Hackr / Eclipse
  A unique introduction to native runtime obfuscation.
  ☆73Updated 7 months ago
• casp3r0x0 / PolymorphicSignature
  A C#-implemented malware that dynamically modifies its own hash upon each execution to evade detection.
  ☆17Updated 8 months ago
• susMdT / SharpIndirectSyscalls
  ☆11Updated 2 years ago
• qwqdanchun / RainbowSheep
  Change hash for a signed pe
  ☆16Updated 2 years ago
• aaaddress1 / ntkrnlProtectScan
  One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel
  ☆43Updated 2 years ago
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆66Updated last year
• jakabakos / CVE-2023-36884-MS-Office-HTML-RCE
  MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit
  ☆41Updated last year
• gemini-security / GithubC2
  ☆28Updated last year
• EvilBytecode / ThunderKitty-Ransomware
  Ransomware written in go, encrypt - decrypt.
  ☆29Updated 6 months ago
• CyberSecurityUP / ProcessKiller-BYOVD
  BYOVD Technique Example using viragt64 driver
  ☆57Updated last year
• furax124 / Protect_Loader
  A fucking real shellcode loader with a GUI. Work-in-Progress.
  ☆80Updated 4 months ago
• Offensive-Panda / C2_Elevated_Shell_DLL_Hijcking
  DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…
  ☆44Updated last year
• iDigitalFlame / XrMT
  e(X)tensiable (Rust) Malware Toolkit: (Soon!) Full Featured Rust C2 Framework with Awesome Features!
  ☆25Updated last year
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆27Updated last year
• 0xJs / EnumMitigations
  Reports on Driver, LSASS and other security services mitigations
  ☆32Updated 2 months ago
• hackforyourentertainment / Misery
  Misery Loader to bypass modern EDR solutions
  ☆16Updated 10 months ago
• Dump-GUY / sc2pe
  Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE
  ☆66Updated 2 years ago
• frkngksl / UnlinkDLL
  DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
  ☆57Updated last year
• rasta-mouse / PacketAlchemy
  Playing with packets in C#
  ☆15Updated last year
• aitorfirm / BlackIris
  Thats it! An Open-Source Windows UEFI Rootkit
  ☆26Updated 3 months ago