Alternatives and similar repositories for MalSys

Users that are interested in MalSys are comparing it to the libraries listed below

• a7t0fwa7 / DllDragon
  A simple to use single-include Windows API resolver
  ☆22Updated last year
• redr0nin / badgerDAPS
  Brute Ratel LDAP filtering and sorting tool. Easily take BR log output and pull hostnames for ease of use with other red team tooling. Su…
  ☆38Updated last year
• Syslifters / split-bloodhound
  ☆18Updated last year
• FuzzySecurity / SAFACon-Vienna
  ☆23Updated last year
• phackt / wptsextensions.dll
  WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.
  ☆55Updated 4 years ago
• Iansus / DllProxy
  ☆17Updated 2 years ago
• malcomvetter / TLAD
  The Totally Legit Authentication Dialog
  ☆12Updated last year
• GKNSB / HTMLSmuggler
  Smuggle a file to a user's browser
  ☆20Updated 3 years ago
• ChoiSG / GwisinMsi
  PoC MSI payload based on ASEC/AhnLab's blog post
  ☆23Updated 2 years ago
• duckbillsecurity / pdf-smuggler
  Create PDFs with HTML smuggling attachments that save on opening the document.
  ☆30Updated last month
• attl4s / freeMetsrvLoader
  freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package
  ☆33Updated 2 years ago
• Flangvik / collector
  Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.
  ☆19Updated 3 years ago
• codewhitesec / apollon
  Proof-of-Concept to evade auditd by writing /proc/PID/mem
  ☆22Updated last year
• OtterHacker / Cerbere
  ☆48Updated 2 years ago
• Mr-Un1k0d3r / MsGraphFunzy
  Scripts to interact with Microsoft Graph APIs
  ☆43Updated 9 months ago
• xforcered / DayBird
  Extension functionality for the NightHawk operator client
  ☆27Updated last year
• iomoath / RedWardenLite
  A lightweight HTTP/HTTPS reverse proxy for efficient, policy-based traffic filtering and redirection.
  ☆45Updated 2 years ago
• Octoberfest7 / Proxy_Egress_Persistence
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆33Updated 2 years ago
• RedSiege / SharpCollectionTemplate
  ☆14Updated last year
• RiccardoAncarani / GPOPowerParser
  A script that parses PowerView's output for GPO analysis. Integrated into bloodhound to find misconfigurations of URA, SMB signing etc
  ☆14Updated 5 years ago
• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆18Updated last year
• Und3rf10w / CobaltStrikeBOFs
  Beacon Object Files used for Cobalt Strike
  ☆19Updated 2 years ago
• sakkis91 / SandboxPPL
  Golang PoC that sandboxes Defender (or other PPL) by setting its token integrity to Untrusted.
  ☆11Updated 2 months ago
• OtterHacker / LabS4U2Self
  ☆31Updated 2 years ago
• ZeroPointSecurity / Domain-Enumeration-Tool
  Perform Windows domain enumeration via LDAP
  ☆36Updated 3 years ago
• ZephrFish / SandboxSpy
  Code for profiling sandboxes - Initially an idea to profile sandboxes, the code is written to take enviromental variables and send them b…
  ☆21Updated 3 months ago
• redskal / SharpAzbelt
  .NET port of Leron Gray's azbelt tool.
  ☆26Updated last year
• ly4k / Impacket
  Modified version of Impacket to use dynamic NTLMv2 Challenge/Response
  ☆19Updated 2 years ago
• V3ded / ToolDump-v1
  Some of my custom "tools".
  ☆28Updated 3 years ago
• Hackcraft-Labs / AtlasReaper
  A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.
  ☆13Updated 6 months ago