Alternatives and similar repositories for ELFieScanner

Users that are interested in ELFieScanner are comparing it to the libraries listed below

• malsearchs / Static-Reverse-Engineering-SRE
  SRE - Dissecting Malware for Static Analysis & the Complete Command-line Tool
  ☆53Updated 5 months ago
• MatheuZSecurity / detect-lkm-rootkit-cheatsheet
  Cheat sheet to detect and remove linux kernel rootkit
  ☆60Updated 5 months ago
• SafeBreach-Labs / MagicDot
  A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
  ☆98Updated last year
• MatheuZSecurity / ElfDoor-gcc
  ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.
  ☆109Updated last month
• t0-retooling / defender-recon24
  ☆52Updated 7 months ago
• lasq88 / MalwareAnalysis
  Malware Analysis tools
  ☆26Updated 8 months ago
• 0x534a / dynmx
  Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!
  ☆83Updated last year
• milankovo / YaraVM
  This repository contains an IDA processor for loading and disassembling compiled yara rules.
  ☆41Updated 5 months ago
• ArtemBaranov / WindowsRootkitsGuide
  ☆68Updated 4 months ago
• magicsword-io / bootloaders
  bootloaders.io is a curated list of known malicious bootloaders for various operating systems. The project aims to assist security profes…
  ☆60Updated last year
• 0xsch1zo / NullGate
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆99Updated 3 weeks ago
• ic3qu33n / OffensiveCon24-uefi-task-of-the-translator
  OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"
  ☆42Updated last year
• Dor00tkit / CVE-2024-30090
  CVE-2024-30090 - LPE PoC
  ☆107Updated 7 months ago
• patrickmatula / Windows-Internals-Learning-Resources
  ☆100Updated 6 months ago
• RussianPanda95 / IDAPython
  IDA Python scripts
  ☆36Updated last month
• exploits-forsale / CVE-2024-26218
  Proof-of-Concept for CVE-2024-26218
  ☆51Updated last year
• wetw0rk / wetw0rk.github.io
  ☆18Updated 2 weeks ago
• YoavLevi / IAT-Tracer
  An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…
  ☆115Updated 10 months ago
• volexity / GoResolver
  GoResolver is a Go analysis tool using both Go symbol extraction and Control Flow Graph (CFG) similarity to identify and resolve the func…
  ☆62Updated last month
• Slowerzs / KeyJumper
  ☆46Updated 2 months ago
• thalium / rkchk
  Rust Linux Kernel Module designed for LKM rootkit detection
  ☆45Updated 2 months ago
• freakick22 / SpyAI
  Intelligent Malware that takes screenshots for entire monitors and exfiltrate them through Trusted Channel Slack to the C2 server that's …
  ☆29Updated this week
• OtterHacker / Hooker
  ☆106Updated 7 months ago
• Internet-2-0 / Malcore-x64dbg
  This x64dbg plugin allows you to upload your sample to Malcore and view the results.
  ☆37Updated last year
• daddycocoaman / dumpscan
  Finding secrets in kernel and user memory
  ☆116Updated last year
• zerozenxlabs / CVE-2023-36424
  Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation
  ☆127Updated last year
• eversinc33 / TriageMCP
  Vibe Malware Triage - MCP server for static PE analysis.
  ☆47Updated 2 weeks ago
• DissectMalware / yaradbg-frontend
  ☆39Updated last year
• sensepost / mydumbedr
  ☆119Updated last year
• imperva / frida-jit-unpacker
  The Frida-Jit-unPacker aims at helping researchers and analysts understand the behavior of packed malicious .NET samples.
  ☆61Updated last year