Alternatives and similar repositories for samples:

Users that are interested in samples are comparing it to the libraries listed below

• paranoidninja / Cobaltstrike-Detection
  This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared
  ☆90Updated last year
• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆62Updated 2 years ago
• tccontre / Reg-Restore-Persistence-Mole
  a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…
  ☆51Updated last year
• errbody / DPRK-Research
  ☆34Updated 3 weeks ago
• lasq88 / MalwareAnalysis
  Malware Analysis tools
  ☆25Updated 6 months ago
• carsonchan12345 / CVE-2024-37726-MSI-Center-Local-Privilege-Escalation
  ☆35Updated 3 months ago
• fortra / CVE-2024-30051
  ☆120Updated 6 months ago
• t0-retooling / defender-recon24
  ☆51Updated 5 months ago
• xalicex / LOLDrivers_finder
  ☆78Updated last year
• Wh04m1001 / CVE-2023-36723
  ☆67Updated last year
• 0x534a / dynmx
  Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!
  ☆82Updated last year
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆54Updated 7 months ago
• JPCERTCC / CobaltStrike-Config
  Repository for archiving Cobalt Strike configuration
  ☆29Updated this week
• WKL-Sec / Winsocky
  Winsocket for Cobalt Strike.
  ☆97Updated last year
• Aetsu / Neton
  Neton is a tool for getting information from Internet connected sandboxes
  ☆92Updated 2 years ago
• SafeBreach-Labs / CortexVortex
  ☆75Updated 11 months ago
• Nicolas-Arsenault / Havoc-C2-RCE-2024
  Abusing SSRF to deliver an authenticated command injection payload
  ☆28Updated last week
• IncludeSecurity / c2-vulnerabilities
  PoCs of RCEs against open source C2 servers
  ☆80Updated 5 months ago
• flostyen / windows-persistence
  Windows Persistence IT-Security
  ☆90Updated 2 weeks ago
• zoemurmure / CVE-2023-21554-PoC
  CVE-2023-21554 Windows MessageQueuing PoC，分析见 https://www.zoemurmure.top/posts/cve_2023_21554/
  ☆56Updated last year
• Hagrid29 / CVE-2024-2432-PaloAlto-GlobalProtect-EoP
  ☆59Updated last year
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆54Updated 2 months ago
• RustyNoob-619 / 100-Days-of-YARA-2024
  ☆19Updated 11 months ago
• duck-sec / CVE-2023-28252-Compiled-exe
  A modification to fortra's CVE-2023-28252 exploit, compiled to exe
  ☆53Updated last year
• Wh04m1001 / UserManagerEoP
  ☆79Updated 11 months ago
• Immersive-Labs-Sec / SliverC2-Forensics
  A collection of tools and detections for the Sliver C2 Frameworj
  ☆118Updated last year
• reveng007 / AMSI-patches-learned-till-now
  I have documented all of the AMSI patches that I learned till now
  ☆74Updated last year
• ASP4RUX / bypassEDR-AV
  ☆54Updated 4 months ago
• Dor00tkit / CVE-2024-30090
  CVE-2024-30090 - LPE PoC
  ☆105Updated 5 months ago
• TierZeroSecurity / edr_blocker
  Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…
  ☆141Updated 8 months ago