Alternatives and similar repositories for mal_ex

Users that are interested in mal_ex are comparing it to the libraries listed below

• CyberSecurityUP / Offensive-Windows-Drivers-Development
  ☆164Updated 9 months ago
• rad9800 / byor
  ☆157Updated 6 months ago
• rad9800 / PMD
  ☆155Updated 7 months ago
• V-i-x-x / kernel-callback-removal
  kernel callback removal (Bypassing EDR Detections)
  ☆206Updated last month
• olafhartong / BamboozlEDR
  A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes.
  ☆251Updated 2 months ago
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆118Updated 6 months ago
• Offensive-Panda / DefenseEvasionTechniques
  This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…
  ☆134Updated 6 months ago
• cocomelonc / mdmz_book
  The result of research and investigation of malware development tricks, techniques, evasion, cryptography and linux malware
  ☆65Updated last month
• yo-yo-yo-jbo / dumping_lsass
  The different ways to dump lsass
  ☆202Updated 4 months ago
• Maldev-Academy / MaldevAcademyLdr.2
  RunPE implementation with multiple evasive techniques
  ☆253Updated 2 months ago
• dis0rder0x00 / obex
  Obex – Blocking unwanted DLLs in user mode
  ☆276Updated 3 months ago
• 0xNinjaCyclone / EarlyCascade
  A PoC for Early Cascade process injection technique.
  ☆201Updated 10 months ago
• xaitax / NTSleuth
  Comprehensive Windows Syscall Extraction & Analysis Framework
  ☆157Updated 3 months ago
• outflanknl / edr-internals
  Tools for analyzing EDR agents
  ☆272Updated last year
• rtecCyberSec / Packer_Development
  Slides & Code snippets for a workshop held @ x33fcon 2024
  ☆275Updated last year
• ArtemBaranov / WindowsRootkitsGuide
  ☆71Updated 10 months ago
• Cracked5pider / earlycascade-injection
  early cascade injection PoC based on Outflanks blog post
  ☆234Updated last year
• ColeHouston / Sunder
  Windows rootkit designed to work with BYOVD exploits
  ☆211Updated 11 months ago
• Maldev-Academy / TrapFlagForSyscalling
  Bypass user-land hooks by syscall tampering via the Trap Flag
  ☆135Updated 3 months ago
• MythicAgents / Hannibal
  A Mythic Agent written in PIC C.
  ☆205Updated 10 months ago
• eversinc33 / PSXecute
  MIPS VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator.
  ☆121Updated last year
• fin3ss3g0d / StoneKeeper
  StoneKeeper C2, an experimental EDR evasion framework for research purposes
  ☆207Updated 11 months ago
• Maldev-Academy / LsassHijackingViaReg
  Injecting DLL into LSASS at boot
  ☆155Updated 7 months ago
• Kudaes / MFTool
  Direct access to NTFS volumes
  ☆291Updated 3 months ago
• Kudaes / Eclipse
  Activation Context Hijack
  ☆169Updated 4 months ago
• 0xsch1zo / NullGate
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆163Updated 4 months ago
• winsecurity / MaleficentVM
  This is practice VM for malware development
  ☆169Updated last month
• chryzsh / awesome-bof
  🧠 The ultimate, community-curated resource for Beacon Object Files (BOFs) — tutorials, how-tos, deep dives, and reference materials.
  ☆93Updated last month
• Maldev-Academy / AlphabeticalPolyShellGen
  Generate an Alphabetical Polymorphic Shellcode
  ☆133Updated 4 months ago
• warpnet / MS-RPC-Fuzzer
  Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…
  ☆317Updated 2 months ago