Alternatives and similar repositories for ThreatCheck

Users that are interested in ThreatCheck are comparing it to the libraries listed below

• naksyn / DojoLoader
  Generic PE loader for fast prototyping evasion techniques
  ☆243Updated last year
• xalicex / LOLDrivers_finder
  ☆89Updated 2 years ago
• Cobalt-Strike / sleepmask-vs
  A simple Sleepmask BOF example
  ☆163Updated last month
• oldboy21 / RflDllOb
  Reflective DLL Injection Made Bella
  ☆248Updated last year
• keowu / BadRentdrv2
  A vulnerable driver exploited by me (BYOVD) that is capable of terminating several EDRs and antivirus software in the market, rendering t…
  ☆103Updated last year
• SaadAhla / PE-Obfuscator
  PE obfuscator with Evasion in mind
  ☆214Updated 2 years ago
• lsecqt / ThreadlessInject-C-Implementation
  This repository implements Threadless Injection in C
  ☆172Updated 2 years ago
• florylsk / ExecIT
  Execute shellcode files with rundll32
  ☆214Updated last year
• SaadAhla / ntdlll-unhooking-collection
  different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)
  ☆200Updated 2 years ago
• xalicex / Killers
  Exploitation of process killer drivers
  ☆201Updated 2 years ago
• vxCrypt0r / AMSI_VEH
  A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…
  ☆166Updated last year
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆70Updated last year
• reveng007 / ReflectiveNtdll
  A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…
  ☆181Updated 2 years ago
• florylsk / SignatureGate
  Weaponized HellsGate/SigFlip
  ☆205Updated 2 years ago
• Cipher7 / ApexLdr
  ApexLdr is a DLL Payload Loader written in C
  ☆116Updated last year
• CognisysGroup / HadesLdr
  Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2
  ☆293Updated 2 years ago
• ASkyeye / FilelessRemotePE
  Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique
  ☆75Updated 3 years ago
• florylsk / NtRemoteLoad
  Remote Shellcode Injector
  ☆221Updated 2 years ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆101Updated last year
• YOLOP0wn / EchoDrv
  Exploitation of echo_driver.sys
  ☆169Updated 2 years ago
• ProcessusT / Venoma
  Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution
  ☆198Updated 7 months ago
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆202Updated 2 years ago
• 0xJs / BYOVD_read_write_primitive
  Proof of Concepts code for Bring Your Own Vulnerable Driver techniques
  ☆200Updated 4 months ago
• Faisal-P27 / WAREED-DNS-C2
  ☆122Updated 9 months ago
• internetangel / ZeroCrumb
  Dumping App Bound Protected Credentials & Cookies Without Privileges.
  ☆165Updated 7 months ago
• TwoSevenOneT / CreateProcessAsPPL
  This is the loader that supports running a program with Protected Process Light (PPL) protection functionality.
  ☆286Updated 2 months ago
• Wra7h / SingleDose
  Generate Shellcode Loaders & Injects
  ☆158Updated 2 years ago
• Hagrid29 / BYOVDKit
  bring your own vulnerable driver
  ☆113Updated 2 years ago
• dmcxblue / SharpBlackout
  Terminate AV/EDR leveraging BYOVD attack
  ☆101Updated 9 months ago
• Maldev-Academy / LsassHijackingViaReg
  Injecting DLL into LSASS at boot
  ☆156Updated 8 months ago