Alternatives and similar repositories for volatility3-mcp

Users that are interested in volatility3-mcp are comparing it to the libraries listed below

• V-i-x-x / kernel-callback-removal
  kernel callback removal (Bypassing EDR Detections)
  ☆206Updated last month
• danafaye / WindowsAPIAbuseAtlas
  A living guide to lesser-known and evasive Windows API abuses used in malware, with practical reverse engineering notes, YARA detections,…
  ☆87Updated last month
• Teach2Breach / mal_ex
  Source code for complete MALicious softWARE books I & II
  ☆62Updated 2 months ago
• jakydibe / Zone
  ☆17Updated 3 months ago
• GB102 / VirtualEXploiter
  VFGadget locator to facilitate Counterfeit Object-Oriented Programming (COOP) and Loop-Oriented Programming (LOP) attacks to bypass advan…
  ☆22Updated 9 months ago
• dslee2022 / SignatureKid
  ☆386Updated 6 months ago
• dobin / RedEdr
  Collect Windows telemetry for Maldev
  ☆445Updated last month
• Maldev-Academy / LsassHijackingViaReg
  Injecting DLL into LSASS at boot
  ☆155Updated 7 months ago
• hasherezade / waiting_thread_hijacking
  Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread
  ☆257Updated 3 months ago
• Cracked5pider / earlycascade-injection
  early cascade injection PoC based on Outflanks blog post
  ☆234Updated last year
• tijme / dittobytes
  Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE.
  ☆574Updated 3 months ago
• HackLike-co / Cloak
  Generate Secure, Polymorphic, Evasive (lol) Payloads
  ☆28Updated 2 months ago
• rbmm / SC_DEMO
  ☆123Updated last week
• Maldev-Academy / MaldevAcademyLdr.2
  RunPE implementation with multiple evasive techniques
  ☆253Updated 2 months ago
• thelikes / slivercloak
  PoC framework for Sliver compilation
  ☆23Updated 11 months ago
• 0xflux / Hells-Hollow
  Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls
  ☆206Updated 3 months ago
• CyberSecurityUP / Offensive-Windows-Drivers-Development
  ☆164Updated 9 months ago
• 0xHossam / KernelCallbackTable-Injection-PoC
  Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…
  ☆264Updated last year
• xrombar / flower
  a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor
  ☆106Updated last year
• Maldev-Academy / AlphabeticalPolyShellGen
  Generate an Alphabetical Polymorphic Shellcode
  ☆133Updated 4 months ago
• An0nUD4Y / AV-EDR-Lab-Environment-Setup
  AV/EDR Lab environment setup references to help in Malware development
  ☆418Updated 10 months ago
• Offensive-Panda / DefenseEvasionTechniques
  This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…
  ☆134Updated 6 months ago
• vxCrypt0r / Voidmaw
  A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp…
  ☆334Updated last year
• Kudaes / MFTool
  Direct access to NTFS volumes
  ☆291Updated 3 months ago
• 0xJs / BYOVD_read_write_primitive
  Proof of Concepts code for Bring Your Own Vulnerable Driver techniques
  ☆198Updated 3 months ago
• hasherezade / thread_namecalling
  Process Injection using Thread Name
  ☆284Updated 8 months ago
• ColeHouston / Sunder
  Windows rootkit designed to work with BYOVD exploits
  ☆211Updated 11 months ago
• dis0rder0x00 / obex
  Obex – Blocking unwanted DLLs in user mode
  ☆276Updated 3 months ago
• rtecCyberSec / Packer_Development
  Slides & Code snippets for a workshop held @ x33fcon 2024
  ☆275Updated last year
• RWXstoned / LdrShuffle
  Code execution/injection technique using DLL PEB module structure manipulation
  ☆217Updated 6 months ago