Alternatives and similar repositories for samples

Users that are interested in samples are comparing it to the libraries listed below

• errbody / DPRK-Research
  ☆37Updated 4 months ago
• lasq88 / MalwareAnalysis
  Malware Analysis tools
  ☆26Updated 10 months ago
• Immersive-Labs-Sec / SliverC2-Forensics
  A collection of tools and detections for the Sliver C2 Frameworj
  ☆127Updated 2 years ago
• paranoidninja / Cobaltstrike-Detection
  This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared
  ☆89Updated last year
• g0mxxm / shellcode_extractor_for_maldoc
  The code in this repository which function is to extract the shellcode from the maldoc.
  ☆10Updated 2 years ago
• michael2to3 / c2-search-netlas
  Search for c2 servers based on netlas
  ☆39Updated 2 years ago
• fortra / CVE-2024-30051
  ☆121Updated 10 months ago
• JPCERTCC / CobaltStrike-Config
  Repository for archiving Cobalt Strike configuration
  ☆31Updated last week
• sfewer-r7 / CVE-2025-22457
  PoC for CVE-2025-22457
  ☆66Updated 2 months ago
• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆64Updated 3 years ago
• carsonchan12345 / CVE-2024-37726-MSI-Center-Local-Privilege-Escalation
  ☆36Updated 7 months ago
• t0-retooling / defender-recon24
  ☆52Updated 9 months ago
• voukatas / Commander
  A command and control (C2) server
  ☆57Updated last year
• RussianPanda95 / Configuration_extractors
  Configuration Extractors for Malware
  ☆108Updated 2 months ago
• kn0x0x / CVE-2025-32756-POC
  Proof of Concept for CVE-2025-32756 - A critical stack-based buffer overflow vulnerability affecting multiple Fortinet products.
  ☆80Updated last month
• mayHamad / MemTracer
  Memory Scaner
  ☆63Updated 2 years ago
• Wh04m1001 / CVE-2023-36723
  ☆67Updated last year
• Aetsu / Neton
  Neton is a tool for getting information from Internet connected sandboxes
  ☆95Updated 2 years ago
• matthw / malware_analysis
  ☆18Updated last year
• fkie-cad / yapscan
  Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.
  ☆61Updated last year
• ro0tmylove / CVE-2024-35250-BOF
  Cobalt Strike 的 CVE-2024-35250 的 BOF。(请给我加个星，谢谢。)
  ☆15Updated 8 months ago
• flostyen / windows-persistence
  Windows Persistence IT-Security
  ☆102Updated 4 months ago
• sfewer-r7 / CVE-2025-0282
  PoC for CVE-2025-0282: A remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure, Ivanti Policy Secure, and Iv…
  ☆45Updated 6 months ago
• ACE-Responder / Empire-C2-RCE-PoC
  RCE PoC for Empire C2 framework <5.9.3
  ☆28Updated last year
• SafeBreach-Labs / CortexVortex
  ☆78Updated last year
• fox-it / dissect.cobaltstrike
  Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles
  ☆170Updated 3 weeks ago
• mgeeky / msidump
  MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.
  ☆212Updated 2 years ago
• IncludeSecurity / c2-vulnerabilities
  PoCs of RCEs against open source C2 servers
  ☆86Updated 9 months ago
• exploits-forsale / CVE-2024-21345
  Proof-of-Concept for CVE-2024-21345
  ☆74Updated last year
• CyberSecurityUP / AV-EDR-Evasion-Practical-Techniques-Course
  ☆39Updated 2 weeks ago