Alternatives and similar repositories for Windows-APT-Warfare:

Users that are interested in Windows-APT-Warfare are comparing it to the libraries listed below

• FuzzySecurity / BHUSA-2023
  ☆105Updated 8 months ago
• RedTeamOperations / Journey-to-McAfee
  ☆112Updated 2 years ago
• NVISOsecurity / Interceptor
  Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space
  ☆122Updated 2 years ago
• mansk1es / GhostFart
  ☆133Updated last year
• sensepost / mydumbedr
  ☆114Updated last year
• SpikySabra / Kernel-Cactus
  It's pointy and it hurts!
  ☆124Updated 2 years ago
• daddycocoaman / dumpscan
  Finding secrets in kernel and user memory
  ☆115Updated last year
• naksyn / ModuleShifting
  Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…
  ☆113Updated last year
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆110Updated last year
• MaorSabag / SideLoadingDLL
  Do some DLL SideLoading magic
  ☆79Updated last year
• 0x00Check / ExploitLeakedHandle
  Identify and exploit leaked handles for local privilege escalation.
  ☆106Updated last year
• ghostpepper108 / Evasion
  ☆107Updated last year
• rasta-mouse / PPEnum
  Simple BOF to read the protection level of a process
  ☆115Updated last year
• codewhitesec / SysmonEnte
  ☆72Updated 2 years ago
• y11en / FOLIAGE
  Experiment on reproducing Obfuscate & Sleep
  ☆142Updated 4 years ago
• Reijaff / offensive_c
  ☆42Updated 2 years ago
• reveng007 / AMSI-patches-learned-till-now
  I have documented all of the AMSI patches that I learned till now
  ☆71Updated last year
• georgesotiriadis / MalwareDev
  ☆84Updated 2 years ago
• mrexodia / lolbin-poc
  Small PoC of using a Microsoft signed executable as a lolbin.
  ☆136Updated 2 years ago
• itaymigdal / PichichiH0ll0wer
  Nim process hollowing loader
  ☆56Updated 7 months ago
• joe-desimone / patriot
  ☆136Updated 2 years ago
• oldboy21 / JayFinder
  Find DLLs with RWX section
  ☆78Updated last year
• rkbennett / pybof
  Python module for running BOFs
  ☆70Updated last year
• SaadAhla / ntdlll-unhooking-collection
  different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)
  ☆186Updated last year
• RedTeamOperations / VEH-PoC
  ☆112Updated 2 years ago
• CCob / SylantStrike
  Simple EDR implementation to demonstrate bypass
  ☆171Updated 4 years ago
• xalicex / Unhook-Import-Address-Table
  Piece of code to detect and remove hooks in IAT
  ☆63Updated 2 years ago
• CymulateResearch / Blindside
  Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms
  ☆120Updated 2 years ago
• SafeBreach-Labs / MagicDot
  A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
  ☆96Updated 11 months ago
• Cerbersec / notes
  Resources and articles I need to take a look at. Mostly about malware/exploit development and analysis.
  ☆82Updated 3 years ago