Alternatives and similar repositories for metame:

Users that are interested in metame are comparing it to the libraries listed below

• hasherezade / demos
  Demos of various injection techniques found in malware
  ☆790Updated 3 years ago
• JLospinoso / gargoyle
  A memory scanning evasion technique
  ☆855Updated 7 years ago
• therealdreg / anticuckoo
  A tool to detect and crash Cuckoo Sandbox
  ☆289Updated 6 months ago
• claudiouzelac / rootkit.com
  Mirror of users section of rootkit.com
  ☆289Updated 8 years ago
• hasherezade / process_doppelganging
  My implementation of enSilo's Process Doppelganging (PE injection technique)
  ☆592Updated 2 years ago
• BreakingMalware / PowerLoaderEx
  PowerLoaderEx - Advanced Code Injection Technique for x32 / x64
  ☆362Updated 7 years ago
• OALabs / BlobRunner
  Quickly debug shellcode extracted during malware analysis
  ☆582Updated last year
• hasherezade / bearparser
  Portable Executable parsing library (from PE-bear)
  ☆652Updated 5 months ago
• peperunas / injectopi
  A set of tutorials about code injection for Windows.
  ☆309Updated 5 months ago
• vivisect / vivisect
  ☆956Updated 2 weeks ago
• Cr4sh / WindowsRegistryRootkit
  Kernel rootkit, that lives inside the Windows registry values data
  ☆490Updated 7 years ago
• conix-security / zer0m0n
  zer0m0n driver for cuckoo sandbox
  ☆358Updated 9 years ago
• kgretzky / python-x86-obfuscator
  This is a **WIP** tool that performs shellcode obfuscation in x86 instruction set.
  ☆235Updated 8 years ago
• theevilbit / injection
  ☆801Updated 5 years ago
• a1ext / labeless
  Labeless is a multipurpose IDA Pro plugin system for labels/comments synchronization with a debugger backend, with complex memory dumping…
  ☆541Updated 3 weeks ago
• secrary / makin
  makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]
  ☆738Updated 5 years ago
• FSecureLABS / win_driver_plugin
  A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.
  ☆426Updated 6 years ago
• nccgroup / DriverBuddy
  DriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers.
  ☆358Updated 5 years ago
• BromiumLabs / PackerAttacker
  C++ application that uses memory and code hooks to detect packers
  ☆270Updated 6 years ago
• carbonblack / binee
  Binee: binary emulation environment
  ☆513Updated last year
• sam-b / windows_kernel_resources
  Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits
  ☆389Updated 5 years ago
• tklengyel / drakvuf
  DRAKVUF Black-box Binary Analysis
  ☆1,093Updated this week
• SafeBreach-Labs / pinjectra
  Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)
  ☆801Updated 2 years ago
• sam-b / windows_kernel_address_leaks
  Examples of leaking Kernel Mode information from User Mode on Windows
  ☆587Updated 7 years ago
• Antonin-Deniau / cave_miner
  Search for code cave in all binaries
  ☆276Updated 7 months ago
• Professor-plum / Reflective-Driver-Loader
  ☆392Updated 7 years ago
• jackullrich / ShellcodeStdio
  An extensible framework for easily writing compiler optimized position independent x86 / x64 shellcode for windows platforms.
  ☆504Updated 5 years ago
• d35ha / CallObfuscator
  Obfuscate specific windows apis with different apis
  ☆993Updated 4 years ago
• hasherezade / malware_analysis
  Various snippets created during malware analysis
  ☆458Updated 2 years ago
• JusticeRage / Manalyze
  A static analyzer for PE executables.
  ☆1,043Updated last year