Alternatives and similar repositories for MalDevelopment

Users that are interested in MalDevelopment are comparing it to the libraries listed below

• OtterHacker / Cerbere
  ☆48Updated 2 years ago
• Wh04m1001 / PICDumper
  ☆25Updated 3 years ago
• ZephrFish / ADFSDump-PS
  PowerShell Implementation of ADFSDump to assist with GoldenSAML
  ☆35Updated 2 months ago
• Hackcraft-Labs / SharpShares
  Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain
  ☆33Updated last year
• ps1337 / Lastenzug
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆26Updated 2 years ago
• redskal / SharpAzbelt
  .NET port of Leron Gray's azbelt tool.
  ☆26Updated last year
• zimnyaa / smbsocks
  A simple rpc2socks alternative in pure Go.
  ☆28Updated last year
• EspressoCake / DefenderPathExclusions
  Creation and removal of Defender path exclusions and exceptions in C#.
  ☆31Updated last year
• watchtowrlabs / watchTowr-vs-FortiWeb-CVE-2025-25257
  ☆30Updated this week
• Offensive-Panda / .NET_PROFILER_DLL_LOADING
  .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…
  ☆43Updated 11 months ago
• decoder-it / DFSCoerce-exe-2
  DFSCoerce exe revisited version with custom authentication
  ☆40Updated last year
• Octoberfest7 / Cohab_Processes
  A small Aggressor script to help Red Teams identify foreign processes on a host machine
  ☆85Updated 2 years ago
• GhostManager / cobalt_sync
  Standalone Cobalt Strike operation logging Aggressor script for Ghostwriter 2.0+
  ☆33Updated 11 months ago
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆24Updated 9 months ago
• OffenseTeacher / Steganim
  ☆47Updated 2 years ago
• iamagarre / BadExclusions
  BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR
  ☆20Updated last year
• Offensive-Panda / WPM-MAJIC-ENTRY-POINT-INJECTION
  This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…
  ☆16Updated 8 months ago
• Quack2332 / Simple-.NET-Obfuscator-PoC
  ☆20Updated last year
• outflanknl / RedELK-workshop
  Items related to the RedELK workshop given at security conferences
  ☆29Updated last year
• EspressoCake / BetterPipename
  Example of using Sleep to create better named pipes.
  ☆41Updated last year
• Octoberfest7 / Proxy_Egress_Persistence
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆33Updated 2 years ago
• wsummerhill / IPv4Fuscation-Encrypted
  ☆19Updated last year
• MrAle98 / psinline
  in-process powershell runner for BRC4
  ☆45Updated last year
• phackt / wptsextensions.dll
  WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.
  ☆55Updated 4 years ago
• 0xv1n / Havoc-ProfileGenerator
  malleable profile generator GUI for Havoc
  ☆55Updated 2 years ago
• kapellos / VladimiRED
  ☆18Updated 6 months ago
• jojonas / SharpSAMDump
  SAM Dumping in C#
  ☆49Updated 6 months ago
• crisprss / magicNetdefs
  Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…
  ☆49Updated 3 years ago
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆28Updated last year
• G0ldenGunSec / DayBird
  Extension functionality for the NightHawk operator client
  ☆27Updated last year