Alternatives and similar repositories for samples:

Users that are interested in samples are comparing it to the libraries listed below

• t0-retooling / defender-recon24
  ☆52Updated 6 months ago
• paranoidninja / Cobaltstrike-Detection
  This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared
  ☆89Updated last year
• lasq88 / MalwareAnalysis
  Malware Analysis tools
  ☆26Updated 7 months ago
• flostyen / windows-persistence
  Windows Persistence IT-Security
  ☆97Updated 2 months ago
• fortra / CVE-2024-30051
  ☆121Updated 8 months ago
• errbody / DPRK-Research
  ☆35Updated 2 months ago
• xalicex / LOLDrivers_finder
  ☆82Updated last year
• tccontre / Reg-Restore-Persistence-Mole
  a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…
  ☆51Updated last year
• volexity / GoResolver
  GoResolver is a Go analysis tool using both Go symbol extraction and Control Flow Graph (CFG) similarity to identify and resolve the func…
  ☆45Updated last week
• carsonchan12345 / CVE-2024-37726-MSI-Center-Local-Privilege-Escalation
  ☆36Updated 5 months ago
• IncludeSecurity / c2-vulnerabilities
  PoCs of RCEs against open source C2 servers
  ☆82Updated 7 months ago
• Hagrid29 / CVE-2024-2432-PaloAlto-GlobalProtect-EoP
  ☆59Updated last year
• Dor00tkit / CVE-2024-30090
  CVE-2024-30090 - LPE PoC
  ☆106Updated 6 months ago
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆55Updated 8 months ago
• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆62Updated 2 years ago
• Immersive-Labs-Sec / SliverC2-Forensics
  A collection of tools and detections for the Sliver C2 Frameworj
  ☆125Updated 2 years ago
• Y3A / CVE-2023-28229
  ☆128Updated last year
• JPCERTCC / CobaltStrike-Config
  Repository for archiving Cobalt Strike configuration
  ☆29Updated this week
• 0x534a / dynmx
  Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!
  ☆82Updated last year
• Wh04m1001 / UserManagerEoP
  ☆79Updated last year
• fortra / CVE-2024-6769
  Activation cache poisoning to elevate from medium to high integrity (CVE-2024-6769)
  ☆66Updated 7 months ago
• 0xcf80 / ShellCodeLoader_Indirect_Syscalls
  Shellcode Loader using indirect syscalls
  ☆14Updated last year
• tykawaii98 / CVE-2024-21338_PoC
  ☆39Updated 10 months ago
• fkie-cad / yapscan
  Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.
  ☆61Updated last year
• S3N4T0R-0X0 / Hunter
  Охотник (Hunter) is a simple Adversary Simulation tool developed for achieves stealth through API unhooking, direct and indirect syscalls…
  ☆40Updated 2 weeks ago
• d0rb / CVE-2023-36874
  This repository contains a proof-of-concept exploit written in C++ that demonstrates the exploitation of a vulnerability affecting the Wi…
  ☆77Updated last year
• SafeBreach-Labs / CortexVortex
  ☆77Updated last year
• exploits-forsale / CVE-2024-21345
  Proof-of-Concept for CVE-2024-21345
  ☆73Updated last year
• reveng007 / AMSI-patches-learned-till-now
  I have documented all of the AMSI patches that I learned till now
  ☆72Updated last month
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆53Updated 3 months ago