Built for red teamers, by red teamers - an MCP tool for malware development, OPSEC testing, and supporting custom loader design during red team engagements.
☆43Aug 10, 2025Updated 6 months ago
Alternatives and similar repositories for MalDev-Analyzer-MCP
Users that are interested in MalDev-Analyzer-MCP are comparing it to the libraries listed below
Sorting:
- A short scraper looking for a POC of CVE-2024-49112☆14Dec 16, 2024Updated last year
- rust port of pspy with support for process monitoring over dbus☆35Jan 4, 2026Updated last month
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.��☆186Mar 14, 2025Updated 11 months ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆26Jul 21, 2022Updated 3 years ago
- ☆27Aug 8, 2021Updated 4 years ago
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow☆18Jun 26, 2025Updated 8 months ago
- A small WinRM client designed for interacting with JEA endpoints.☆13Aug 29, 2024Updated last year
- An example of how a driver can register a handle creation callback.☆16Jun 12, 2023Updated 2 years ago
- Citrix Phishlet☆24Feb 2, 2021Updated 5 years ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 10 months ago
- Impersonate Windows tokens in Nim☆23Aug 4, 2025Updated 6 months ago
- The cActiveDirectorySecurity module contains PowerShell Functions which are designed to report on and manipulate Access Control Lists on …☆11Aug 31, 2018Updated 7 years ago
- Installs ADDS and configures a vulnerable domain via a powershell script☆12Jul 13, 2023Updated 2 years ago
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆18Mar 19, 2025Updated 11 months ago
- Proof-of-concept implementation of AI-enabled postex DLLs☆54Sep 10, 2025Updated 5 months ago
- A python library to create BloodHound OpenGraphs☆53Feb 4, 2026Updated 3 weeks ago
- ☆32Jun 1, 2024Updated last year
- Examples of various container types for Python and Golang☆16Aug 29, 2025Updated 6 months ago
- ☆13Mar 3, 2025Updated 11 months ago
- A BloodHound collector written in Go that discovers Linux and SSH attack paths. Outputs OpenGraph JSON and integrates with existing Sharp…☆38Updated this week
- Comprehensive logging of all terminal input and output for each session based on Asciinema and wild zsh + Python scripting.☆42Jan 6, 2026Updated last month
- DLL injection with Microsoft detours☆22Dec 9, 2025Updated 2 months ago
- ☆50Jun 4, 2025Updated 8 months ago
- Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra…☆75Nov 6, 2025Updated 3 months ago
- ☆14Sep 22, 2019Updated 6 years ago
- string encryption in Nim☆20Jun 15, 2024Updated last year
- Shellcode Loader using indirect syscalls☆16Jan 21, 2024Updated 2 years ago
- Microsoft Entra ID (Azure AD) Unauthenticated Enumeration☆67Feb 5, 2026Updated 3 weeks ago
- Windows Defender Manager is a tool that helps stop Windows Defender. It works with the Antimalware Service Executable of all versions of …☆43Jan 18, 2025Updated last year
- Novel Windows process injection: assembles existing open handles (process & thread), natural RWX regions, and special user APC (NtQueueAp…☆63Feb 17, 2026Updated last week
- PoC for detecting and evading ETW detection of .Net Assembly.Load☆21Aug 26, 2020Updated 5 years ago
- Sh3ller is a lightweight C2 framework in its simplest form.☆31Sep 5, 2025Updated 5 months ago
- Dump LSASS process in Task Manager without triggering Defender.☆18Apr 6, 2023Updated 2 years ago
- A small How-To on creating your own weaponized WSL file☆121Jul 23, 2025Updated 7 months ago
- Beacon Object File (BOF) port of DumpGuard for extracting NTLMv1 hashes from sessions on modern Windows systems.☆209Jan 6, 2026Updated last month
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆118May 2, 2024Updated last year
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆60Jan 5, 2026Updated last month
- A BOF for lazy people☆23Apr 4, 2024Updated last year
- P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming…☆33Jul 5, 2025Updated 7 months ago