Alternatives and similar repositories for Venom

Users that are interested in Venom are comparing it to the libraries listed below

• Idov31 / Cronos
  PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.
  ☆615Updated 2 years ago
• deepinstinct / Dirty-Vanity
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆671Updated 3 years ago
• 0xTriboulet / Revenant
  Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
  ☆388Updated last year
• Maldev-Academy / HellHall
  Performing Indirect Clean Syscalls
  ☆594Updated 2 years ago
• Kudaes / EPI
  Threadless Process Injection through entry point hijacking
  ☆351Updated last year
• MalwareApiLib / MalwareApiLibrary
  collection of apis used in malware development
  ☆231Updated 3 years ago
• ZeroMemoryEx / Amsi-Killer
  Lifetime AMSI bypass
  ☆664Updated 2 years ago
• janoglezcampos / DeathSleep
  A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…
  ☆537Updated 3 years ago
• Wra7h / FlavorTown
  Various ways to execute shellcode
  ☆508Updated last year
• sinfulz / JustEvadeBro
  JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.
  ☆315Updated last month
• dobin / avred
  Analyse your malware to surgically obfuscate it
  ☆513Updated 3 weeks ago
• rad9800 / TamperingSyscalls
  ☆501Updated 3 years ago
• Kudaes / Elevator
  UAC bypass by abusing RPC and debug objects.
  ☆630Updated 2 years ago
• georgesotiriadis / Chimera
  Automated DLL Sideloading Tool With EDR Evasion Capabilities
  ☆502Updated 2 years ago
• Kudaes / Split
  Apply a divide and conquer approach to bypass EDRs
  ☆288Updated 2 years ago
• SaadAhla / NTDLLReflection
  Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…
  ☆305Updated 2 years ago
• lab52io / LeakedHandlesFinder
  Leaked Windows processes handles identification tool
  ☆290Updated 3 years ago
• reveng007 / DarkWidow
  Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
  ☆745Updated 5 months ago
• rtecCyberSec / Packer_Development
  Slides & Code snippets for a workshop held @ x33fcon 2024
  ☆277Updated last year
• kleiton0x00 / Proxy-DLL-Loads
  A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
  ☆363Updated 11 months ago
• klezVirus / SilentMoonwalk
  PoC Implementation of a fully dynamic call stack spoofer
  ☆887Updated last year
• thefLink / RecycledGate
  Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll
  ☆491Updated 3 years ago
• hackerhouse-opensource / Marble
  The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools.
  ☆320Updated 2 years ago
• Maldev-Academy / MaldevAcademyLdr.1
  RunPE implementation with multiple evasive techniques (1)
  ☆376Updated 2 years ago
• icyguider / LightsOut
  Generate an obfuscated DLL that will disable AMSI & ETW
  ☆329Updated last year
• Kudaes / Fiber
  Using fibers to run in-memory code.
  ☆239Updated 2 years ago
• Cracked5pider / KaynLdr
  KaynLdr is a Reflective Loader written in C/ASM
  ☆557Updated 2 years ago
• kymb0 / Malware_learns
  ☆134Updated 2 years ago
• shogunlab / building-c2-implants-in-cpp
  The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).
  ☆235Updated last year
• S3cur3Th1sSh1t / Caro-Kann
  Encrypted shellcode Injection to avoid Kernel triggered memory scans
  ☆403Updated 2 years ago