Alternatives and similar repositories for MalwareBazaar

Users that are interested in MalwareBazaar are comparing it to the libraries listed below

• RussianPanda95 / IDAPython
  IDA Python scripts
  ☆40Updated 9 months ago
• StrikeReady-Inc / samples
  shared samples from #dailyphish and/or #apt tweets
  ☆41Updated 4 months ago
• Maldev-Academy / CodeSearchDemo
  ☆41Updated last year
• marcusbotacin / Dropper
  Embed an executable as a PE resource, drops and launches it in runtime.
  ☆64Updated 4 years ago
• errbody / DPRK-Research
  ☆46Updated 2 months ago
• cocomelonc / hack-process-hacker2
  Proof of Concept example for abusing Process Hacker 2 (v2.39.124)
  ☆23Updated last year
• fortra / CVE-2024-30051
  ☆124Updated last year
• malsearchs / Static-Reverse-Engineering-SRE
  SRE - Dissecting Malware for Static Analysis & the Complete Command-line Tool
  ☆57Updated last year
• ytincodenito / vEDR
  Vulnerable EDR
  ☆23Updated last year
• struppigel / PortexAnalyzerGUI
  Graphical interface for PortEx, a Portable Executable and Malware Analysis Library
  ☆143Updated 7 months ago
• t-tani / defender2yara
  Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules
  ☆139Updated last week
• jakabakos / CVE-2023-36884-MS-Office-HTML-RCE
  MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit
  ☆41Updated 2 years ago
• cocomelonc / offzone-2024-malware-persistence-workshop
  OFFZONE 2024 Malware Persistence workshop
  ☆22Updated last year
• Yuri08loveElaina / CVE-2025-49667
  Windows Win32 Kernel Subsystem
  ☆35Updated 5 months ago
• Unprotect-Project / FuncInEvasionTechniqueDemo
  ☆35Updated 2 years ago
• exploits-forsale / CVE-2024-21345
  Proof-of-Concept for CVE-2024-21345
  ☆76Updated last year
• pwnfuzz / byovd-watchdog
  Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.
  ☆32Updated 3 weeks ago
• JanielDary / ELFieScanner
  A C++ tool for process memory scanning & suspicious telemetry generation that attempts to detect a number of malicious techniques used by…
  ☆85Updated last year
• aaaddress1 / ntkrnlProtectScan
  One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel
  ☆43Updated 2 years ago
• hasherezade / shellc_encoder
  Standalone Metasploit-like XOR encoder for shellcode
  ☆50Updated last year
• cod3nym / Deobfuscar
  A simple commandline application to automatically decrypt strings from Obfuscator protected binaries
  ☆47Updated last year
• fortra / CVE-2024-6768
  ☆15Updated last year
• dexterm300 / CVE-2025-62215-exploit-poc
  CVE-2025-62215 is an Elevation of Privilege (EoP) vulnerability in the Windows Kernel, disclosed in November 2025 and confirmed to be act…
  ☆26Updated 2 months ago
• Dor00tkit / CVE-2024-30090
  CVE-2024-30090 - LPE PoC
  ☆107Updated last year
• matterpreter / cpuid
  A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class
  ☆27Updated 2 years ago
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆72Updated last year
• CyberSecurityUP / ProcessKiller-BYOVD
  BYOVD Technique Example using viragt64 driver
  ☆67Updated last year
• Nero22k / Exploits
  Repo with different exploits & PoCs
  ☆66Updated 8 months ago
• t0-retooling / defender-recon24
  ☆58Updated last year
• 0xedh / DEFCON33-KillChainReloaded
  Repository for the DEF CON 33 talk: Kill Chain Reloaded
  ☆77Updated 5 months ago