Alternatives and similar repositories for MalwareBazaar

Users that are interested in MalwareBazaar are comparing it to the libraries listed below

• ytincodenito / vEDR
  Vulnerable EDR
  ☆23Updated last year
• StrikeReady-Inc / samples
  shared samples from #dailyphish and/or #apt tweets
  ☆41Updated 5 months ago
• marcusbotacin / Dropper
  Embed an executable as a PE resource, drops and launches it in runtime.
  ☆64Updated 4 years ago
• errbody / DPRK-Research
  ☆46Updated 2 months ago
• jeFF0Falltrades / rat_king_parser
  A robust, multiprocessing-capable, multi-family RAT config parser/config extractor for AsyncRAT, DcRAT, VenomRAT, QuasarRAT, XWorm, Xeno …
  ☆66Updated 3 weeks ago
• HydraDragonAntivirus / HydraDragonPlatform
  Dynamic and static analysis with Real Time Malware/Executable Analysis Platform for Windows, including open-source XDR (2 EDR projects), …
  ☆143Updated this week
• qwqdanchun / Malware-Note
  https://docs.qwqdanchun.com/
  ☆27Updated 4 years ago
• t0-retooling / defender-recon24
  ☆59Updated last year
• RussianPanda95 / IDAPython
  IDA Python scripts
  ☆40Updated 9 months ago
• t-tani / defender2yara
  Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules
  ☆142Updated this week
• cocomelonc / offzone-2024-malware-persistence-workshop
  OFFZONE 2024 Malware Persistence workshop
  ☆22Updated last year
• cdong1012 / IDAPython-Malware-Scripts
  ☆76Updated 2 years ago
• jdu2600 / Etw-SyscallMonitor
  Monitors ETW for security relevant syscalls maintaining the set called by each unique process
  ☆87Updated 2 years ago
• jakabakos / CVE-2023-36884-MS-Office-HTML-RCE
  MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit
  ☆41Updated 2 years ago
• Maldev-Academy / CodeSearchDemo
  ☆41Updated last year
• mez-0 / YaraEngine
  A C++ Yara Rule Runner
  ☆13Updated 3 years ago
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆73Updated last year
• 0xedh / DEFCON33-KillChainReloaded
  Repository for the DEF CON 33 talk: Kill Chain Reloaded
  ☆77Updated 6 months ago
• vvelitkn / Evasion-Escaper
  Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…
  ☆111Updated last year
• nand0san / av_detect
  This program detects if any security software (AV, EDR, XDR, firewall, etc.) is running on the system. The program searches the list of r…
  ☆50Updated 3 weeks ago
• Unprotect-Project / FuncInEvasionTechniqueDemo
  ☆35Updated 2 years ago
• YoavLevi / IAT-Tracer
  An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…
  ☆125Updated last year
• fortra / CVE-2024-30051
  ☆125Updated last year
• aaaddress1 / ntkrnlProtectScan
  One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel
  ☆43Updated 2 years ago
• FarghlyMal / leaked_src
  some leaked src code for known and unknown malwares
  ☆23Updated 5 months ago
• killvxk / awesome-C2
  C2
  ☆120Updated last month
• m417z / thread-call-stack-scanner
  Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…
  ☆81Updated 7 months ago
• pwnfuzz / byovd-watchdog
  Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.
  ☆34Updated last week
• EvilBytecode / Eset-Unload
  Eset-Unload is a C++ tool that interacts with a process's loaded modules to identify and unload the ebehmoni.dll module, typically found …
  ☆12Updated 9 months ago
• Offensive-Panda / PEB_WALK_AND_API_OBFUSCATION_INJECTION
  This exploit use PEB walk technique to resolve API calls dynamically, obfuscate all API calls to perform process injection.
  ☆25Updated last year