Alternatives and similar repositories for volatility3-mcp

Users that are interested in volatility3-mcp are comparing it to the libraries listed below

• GB102 / VirtualEXploiter
  VFGadget locator to facilitate Counterfeit Object-Oriented Programming (COOP) and Loop-Oriented Programming (LOP) attacks to bypass advan…
  ☆20Updated 7 months ago
• V-i-x-x / kernel-callback-removal
  kernel callback removal (Bypassing EDR Detections)
  ☆197Updated 7 months ago
• Maldev-Academy / MaldevAcademyLdr.2
  RunPE implementation with multiple evasive techniques
  ☆234Updated last month
• dslee2022 / SignatureKid
  ☆373Updated 4 months ago
• danafaye / WindowsAPIAbuseAtlas
  A living guide to lesser-known and evasive Windows API abuses used in malware, with practical reverse engineering notes, YARA detections,…
  ☆79Updated 2 weeks ago
• jakydibe / Zone
  ☆17Updated last month
• Cracked5pider / earlycascade-injection
  early cascade injection PoC based on Outflanks blog post
  ☆232Updated last year
• hasherezade / thread_namecalling
  Process Injection using Thread Name
  ☆282Updated 6 months ago
• Teach2Breach / mal_ex
  Source code for complete MALicious softWARE books I & II
  ☆55Updated 3 weeks ago
• 0xHossam / KernelCallbackTable-Injection-PoC
  Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…
  ☆236Updated last year
• hasherezade / waiting_thread_hijacking
  Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread
  ☆246Updated 2 months ago
• thelikes / slivercloak
  PoC framework for Sliver compilation
  ☆23Updated 9 months ago
• tijme / dittobytes
  Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE.
  ☆551Updated 2 months ago
• dobin / RedEdr
  Collect Windows telemetry for Maldev
  ☆430Updated last week
• CyberSecurityUP / Offensive-Windows-Drivers-Development
  ☆161Updated 8 months ago
• vxCrypt0r / Voidmaw
  A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp…
  ☆330Updated last year
• 0xNinjaCyclone / EarlyCascade
  A PoC for Early Cascade process injection technique.
  ☆198Updated 9 months ago
• Maldev-Academy / LsassHijackingViaReg
  Injecting DLL into LSASS at boot
  ☆145Updated 6 months ago
• rbmm / SC_DEMO
  ☆121Updated 7 months ago
• Kudaes / MFTool
  Direct access to NTFS volumes
  ☆283Updated 2 months ago
• Maldev-Academy / AlphabeticalPolyShellGen
  Generate an Alphabetical Polymorphic Shellcode
  ☆130Updated 2 months ago
• HackLike-co / Cloak
  Generate Secure, Polymorphic, Evasive (lol) Payloads
  ☆29Updated last month
• Kudaes / Eclipse
  Activation Context Hijack
  ☆170Updated 3 months ago
• 0xflux / Sanctum
  Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antiv…
  ☆444Updated 3 weeks ago
• janoglezcampos / llvm-yx-callobfuscator
  LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
  ☆314Updated last year
• rad9800 / byor
  ☆157Updated 4 months ago
• ColeHouston / Sunder
  Windows rootkit designed to work with BYOVD exploits
  ☆211Updated 9 months ago
• Friends-Security / RedirectThread
  Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…
  ☆191Updated 4 months ago
• klezVirus / DriverJack
  Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths
  ☆351Updated last year
• dis0rder0x00 / obex
  Obex – Blocking unwanted DLLs in user mode
  ☆260Updated last month