Alternatives and similar repositories for stalksnet

Users that are interested in stalksnet are comparing it to the libraries listed below

• LambdaMamba / LenaMalwareAnalysis
  Lena's scripts/code/resources for malware analysis
  ☆26Updated last year
• hasherezade / flareon2024
  ☆39Updated last year
• eversinc33 / TriageMCP
  Vibe Malware Triage - MCP server for static PE analysis.
  ☆73Updated 2 weeks ago
• Slowerzs / KeyJumper
  ☆51Updated 8 months ago
• 20urc3 / Aplos
  Aplos an extremely simple fuzzer for Windows binaries.
  ☆68Updated 10 months ago
• captainGeech42 / implant.js
  Proof-of-concept modular implant platform leveraging v8
  ☆55Updated 9 months ago
• ic3qu33n / OffensiveCon24-uefi-task-of-the-translator
  OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"
  ☆43Updated last year
• OtterHacker / Hooker
  ☆108Updated last year
• imperva / frida-jit-unpacker
  The Frida-Jit-unPacker aims at helping researchers and analysts understand the behavior of packed malicious .NET samples.
  ☆64Updated last year
• rad9800 / talks
  ☆62Updated 7 months ago
• SafeBreach-Labs / QuickShell
  A library and a set of tools for exploiting and communicating with Google's Quick Share devices.
  ☆47Updated 8 months ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆52Updated 4 months ago
• reecdeep / hollowise
  Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …
  ☆39Updated 9 months ago
• SaadAhla / VSCode-Backdoor
  Backdooring VSCode Projects
  ☆81Updated 6 months ago
• referefref / Rusty-Telephone
  Exfiltrate data over audio output from remote desktop sessions - Covert channel PoC
  ☆63Updated last year
• ArtemBaranov / WindowsRootkitsGuide
  ☆71Updated 10 months ago
• rbmm / TL-TASK
  ☆20Updated 3 months ago
• pulpocaminante / PPL-0day
  Demoting PPL anti-malware services to less than a guest user
  ☆66Updated 10 months ago
• xforcered / PhrackCTF
  Binary Exploitation Phrack CTF Challenge
  ☆139Updated 3 months ago
• fin3ss3g0d / NativeThreadpool
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆88Updated last year
• MatheuZSecurity / Imperius
  Make an Linux Kernel rootkit visible again.
  ☆60Updated 9 months ago
• mbanyamer / CVE-2025-30397---Windows-Server-2025-JScript-RCE-Use-After-Free-
  Remote Code Execution via Use-After-Free in JScript.dll (CVE-2025-30397)
  ☆65Updated 6 months ago
• alfarom256 / LogMeInPoCHandleDup
  ☆64Updated last year
• x86byte / Stuxnet-Rootkit
  Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis
  ☆77Updated last year
• ChaitanyaHaritash / IllusiveFog
  Windows Administrator level Implant.
  ☆50Updated last year
• tanc7 / skidstorm
  ☆26Updated 8 months ago
• 20urc3 / Publications
  This repository contains the public work I produced, wheter it is research, post, slides, sometimes videos, and materials of my talks.
  ☆52Updated 4 months ago
• naacbin / CovenantDecryptor
  ☆34Updated 2 years ago
• ViperXSecurity / lib-nosa
  lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
  ☆118Updated last year
• 0xTriboulet / T-70
  A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system
  ☆40Updated last year