Alternatives and similar repositories for jellyfish:

Users that are interested in jellyfish are comparing it to the libraries listed below

• dalvarezperez / CreateFile_based_rootkit
  ☆134Updated 2 months ago
• Qubasa / 0pack
  A novel technique to hide code from debuggers & disassemblers
  ☆156Updated 9 months ago
• Wenzel / osw-fs-windows
  A git history of Windows filesystems
  ☆76Updated 4 years ago
• 86hh / DreamLoader
  Simple 32/64-bit PEs loader.
  ☆138Updated 6 years ago
• msuiche / smbaloo
  ☆48Updated 4 years ago
• mandiant / flare-kscldr
  FLARE Kernel Shellcode Loader
  ☆177Updated 6 years ago
• hasherezade / funky_malware_formats
  Parsers for custom malware formats ("Funky malware formats")
  ☆96Updated 3 years ago
• Darkabode / zerokit
  Zerokit/GAPZ rootkit (non buildable and only for researching)
  ☆182Updated 6 years ago
• LloydLabs / Windows-API-Hashing
  This is a simple example and explanation of obfuscating API resolution via hashing
  ☆235Updated 4 years ago
• d00rt / ebfuscator
  Ebfuscator: Abusing system errors for binary obfuscation
  ☆52Updated 5 years ago
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆132Updated last year
• jthuraisamy / ioctlpus
  ☆110Updated 4 years ago
• tyranid / ExploitDotNetDCOM
  A tool to exploit .NET DCOM for EoP and RCE. Is fixed in latest versions of the .NET.
  ☆91Updated 10 years ago
• RITRedteam / goofkit
  In line function hooking LKM rootkit
  ☆51Updated 5 years ago
• redtimmy / golden-frieza
  ELF launcher for encrypted binaries decrypted on-the-fly and executed in memory
  ☆26Updated 5 years ago
• 86hh / POC-viruses
  POC viruses I have created to demo some ideas
  ☆59Updated 5 years ago
• hasherezade / process_chameleon
  A process overwriting its own PEB to make an illusion that it has been loaded from a different path.
  ☆96Updated 3 years ago
• ioncodes / CVE-2020-16938
  Bypassing NTFS permissions to read any files as unprivileged user.
  ☆188Updated 4 years ago
• infosecguerrilla / ReflectiveSOInjection
  Reflective SO injection is a library injection technique in which the concept of reflective programming is employed to perform the loadin…
  ☆116Updated 8 years ago
• ionescu007 / hazmat5
  Local OXID Resolver (LCLOR) : Research and Tooling
  ☆35Updated 3 years ago
• Fare9 / Windows-Internals
  My repository to upload drivers from different books and all the information related to windows internals.
  ☆156Updated 5 years ago
• hasherezade / chimera_pe
  ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports pay…
  ☆223Updated 2 years ago
• bootkitsbook / rootkits
  ☆105Updated 5 years ago
• tsarpaul / GLORYHook
  The first Linux hooking framework to allow merging two binary files into one!
  ☆94Updated 4 years ago
• CheckPointSW / showstopper
  ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…
  ☆205Updated 2 years ago
• djhohnstein / ProcessReimaging
  Process reimaging proof of concept code
  ☆96Updated 5 years ago
• 0xAlexei / WindowsDefenderTools
  Tools for instrumenting Windows Defender's mpengine.dll
  ☆295Updated 6 years ago
• nmulasmajic / syscall_exploit_CVE-2018-8897
  Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).
  ☆116Updated 6 years ago
• jackullrich / memfuck
  A PoC designed to bypass all usermode hooks in a WoW64 environment.
  ☆150Updated 4 years ago
• krystalgamer / Resonance
  A C polymorphic and metamorphic engine
  ☆68Updated 6 years ago