Alternatives and similar repositories for samples

Users that are interested in samples are comparing it to the libraries listed below

• errbody / DPRK-Research
  ☆37Updated 3 months ago
• flostyen / windows-persistence
  Windows Persistence IT-Security
  ☆101Updated 3 months ago
• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆64Updated 2 years ago
• paranoidninja / Cobaltstrike-Detection
  This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared
  ☆89Updated last year
• lasq88 / MalwareAnalysis
  Malware Analysis tools
  ☆26Updated 9 months ago
• fortra / CVE-2024-30051
  ☆121Updated 9 months ago
• Wh04m1001 / CVE-2023-36723
  ☆67Updated last year
• Aetsu / Neton
  Neton is a tool for getting information from Internet connected sandboxes
  ☆95Updated 2 years ago
• carsonchan12345 / CVE-2024-37726-MSI-Center-Local-Privilege-Escalation
  ☆36Updated 6 months ago
• xalicex / LOLDrivers_finder
  ☆86Updated last year
• t0-retooling / defender-recon24
  ☆52Updated 8 months ago
• reveng007 / AMSI-patches-learned-till-now
  I have documented all of the AMSI patches that I learned till now
  ☆72Updated 2 months ago
• exploits-forsale / CVE-2024-21345
  Proof-of-Concept for CVE-2024-21345
  ☆74Updated last year
• IncludeSecurity / c2-vulnerabilities
  PoCs of RCEs against open source C2 servers
  ☆84Updated 8 months ago
• Immersive-Labs-Sec / SliverC2-Forensics
  A collection of tools and detections for the Sliver C2 Frameworj
  ☆127Updated 2 years ago
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆58Updated 10 months ago
• tccontre / Reg-Restore-Persistence-Mole
  a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…
  ☆51Updated last year
• Cobalt-Strike / sleepmask-vs
  A simple Sleepmask BOF example
  ☆113Updated 3 weeks ago
• HullaBrian / COMmander
  .NET tool used to enrich RPC telemetry
  ☆62Updated last week
• 0x534a / dynmx
  Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!
  ☆83Updated last year
• Hagrid29 / CVE-2024-2432-PaloAlto-GlobalProtect-EoP
  ☆59Updated last year
• Wh04m1001 / UserManagerEoP
  ☆80Updated last year
• SafeBreach-Labs / CortexVortex
  ☆78Updated last year
• M01N-Team / HeaderLessPE
  ☆241Updated last year
• fkie-cad / yapscan
  Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.
  ☆61Updated last year
• Y3A / CVE-2023-28229
  ☆131Updated last year
• killvxk / CVE-2024-38193-Nephster
  ☆58Updated 7 months ago
• WKL-Sec / Winsocky
  Winsocket for Cobalt Strike.
  ☆98Updated last year
• TierZeroSecurity / edr_blocker
  Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…
  ☆140Updated 11 months ago
• Dor00tkit / CVE-2024-30090
  CVE-2024-30090 - LPE PoC
  ☆107Updated 8 months ago