A malware-analysis tool that identifies the exact position and details of malicious content in binary files using external Anti-Virus scanners. Supports all AV scanners.
☆41 · Dec 26, 2023 · Updated 2 years ago
Alternatives and similar repositories for ThreatCheck
Users that are interested in ThreatCheck are comparing it to the libraries listed below
- Near compile-time string obfuscation for Golang ☆13 · Oct 3, 2023 · Updated 2 years ago
- A service container for interacting with SRA's VECTR ☆16 · Apr 9, 2025 · Updated 11 months ago
- Collection of scripts / samples / snippets around the community service at www.filescan.io ☆17 · Nov 6, 2025 · Updated 4 months ago
- ☆15 · Aug 22, 2022 · Updated 3 years ago
- Golang decryption PoC of the new app-bound encryption introduced in Chrome version 127. ☆22 · Nov 4, 2024 · Updated last year
- Cobalt Strike UDC2 implementation that provides a Slack C2 channel ☆63 · Jan 5, 2026 · Updated 2 months ago
- Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution ☆199 · May 29, 2025 · Updated 9 months ago
- A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike ☆187 · Oct 29, 2025 · Updated 4 months ago
- Panoptes Endpoint Detection and Response Solution ☆42 · Jan 19, 2026 · Updated last month
- Red Teaming Tradecraft ☆30 · Sep 28, 2022 · Updated 3 years ago
- Proof of concept SMB C2 using named pipes in Golang ☆25 · Sep 8, 2019 · Updated 6 years ago
- Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs ☆104 · Dec 15, 2022 · Updated 3 years ago
- Ransomware written in Go, encrypt - decrypt. ☆30 · Apr 27, 2025 · Updated 10 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion) ☆194 · Feb 6, 2025 · Updated last year
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on. ☆1,433 · Jan 14, 2026 · Updated last month
- A shellcode runner / injector / hollower in Go, for Windows ☆26 · May 22, 2022 · Updated 3 years ago
- Scan vulnerable drivers on Windows with loldrivers.io ☆188 · Sep 11, 2023 · Updated 2 years ago
- A tiny macro library for protecting sensitive strings in compiled binaries ☆40 · Oct 8, 2024 · Updated last year
- An extendable tool to extract and aggregate IoCs from threat feeds ☆33 · Feb 6, 2024 · Updated 2 years ago
- A simple BOF that frees UDRLs ☆122 · May 29, 2022 · Updated 3 years ago
- Software installation scripts for macOS systems that allow you to set up a Virtual Machine (VM) for reverse engineering macOS malware ☆38 · Feb 24, 2026 · Updated last week
- Repo for malware development practices I post on my blog ☆35 · Oct 5, 2024 · Updated last year
- Collection of BOFs for Cobalt Strike ☆32 · Mar 28, 2023 · Updated 2 years ago
- ☆10 · Aug 4, 2020 · Updated 5 years ago
- JavaScript keylogger in a Chrome extension that sends keystrokes to Discord ☆10 · Jan 5, 2024 · Updated 2 years ago
- The AMSI server for Avred ☆33 · Sep 15, 2023 · Updated 2 years ago
- ☆36 · Jan 11, 2023 · Updated 3 years ago
- Stealthily inject shellcode into an executable ☆452 · Oct 19, 2025 · Updated 4 months ago
- Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra… ☆80 · Nov 6, 2025 · Updated 4 months ago
- A new AiTM attack framework — based on leveraging service workers — designed to conduct credential phishing campaigns. Thanks to its mini… ☆143 · Aug 5, 2025 · Updated 7 months ago
- KittyStager is a simple stage 0 C2. It is made of a web server to host the shellcode and an implant, called kitten. The purpose of this p… ☆229 · Jun 6, 2023 · Updated 2 years ago
- Gadget Pentesting Tool Scripts ☆37 · Nov 29, 2015 · Updated 10 years ago
- Ebyte-Go-Morpher is a Go program that parses, analyzes, and rewrites Go source code to apply multiple layers of obfuscation. It operates … ☆122 · Jul 19, 2025 · Updated 7 months ago
- Payload Obfuscation for Red Teams workshop materials ☆81 · Nov 25, 2025 · Updated 3 months ago
- Code snippets to add on top of Cobalt Strike sleep mask to achieve patchless hook on AMSI and ETW ☆86 · Mar 19, 2023 · Updated 2 years ago
- This is a tool for exploiting Ticketbleed (CVE-2016-9244) vulnerability. ☆30 · Feb 20, 2017 · Updated 9 years ago
- Objective C dylibHijackScanner and analysis tool ☆40 · Jul 12, 2023 · Updated 2 years ago
- Code in this repository whose function is to extract the shellcode from the maldoc. ☆10 · Jul 17, 2023 · Updated 2 years ago
- Guides for locking down a computer ☆12 · Mar 4, 2023 · Updated 3 years ago