acedef/SynthAPT

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/acedef/SynthAPT)

acedef / SynthAPT

Generate malware with AI

☆206

Alternatives and similar repositories for SynthAPT

Users that are interested in SynthAPT are comparing it to the libraries listed below

Sorting:

racoten / CannonLoader
View on GitHub
Just a nice little shellcode loader using unconventional methods to avoid using signatured APIs
☆24Jul 11, 2025Updated 8 months ago
JoasASantos / Probabilistic-Call-Stack-PoC
View on GitHub
A proof-of-concept to demonstrate randomized execution paths and their impact on call stack signatures — ideal for EDR testing, behavior-…
☆24Jan 17, 2026Updated 2 months ago
JayGLXR / RustyMirage
View on GitHub
A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
☆38Mar 6, 2025Updated last year
preludeorg / ThreatIntelligenceConsumer
View on GitHub
Demonstrates consuming from a SecurityTrace ETW session by consuming from the Threat-Intelligence ETW provider without a driver or PPL pr…
☆69Jan 19, 2026Updated 2 months ago
jc-ryan / holistic_automated_red_teaming
View on GitHub
[EMNLP 2024] Holistic Automated Red Teaming for Large Language Models through Top-Down Test Case Generation and Multi-turn Interaction
☆17Nov 9, 2024Updated last year
Logisek / AZexec
View on GitHub
The Azure Execution Tool
☆139Feb 6, 2026Updated last month
GoSecure / prompt
View on GitHub
AI-based implant feature
☆25Apr 28, 2025Updated 10 months ago
nbaertsch / PoolProxy
View on GitHub
Proxy function calls through the thread pool with ease
☆31Feb 27, 2025Updated last year
CompassSecurity / pipeleek
View on GitHub
Pipeleek scans CI/CD logs and artifacts to detect leaked secrets and pivot from them
☆19Updated this week
h41th / Simple-Crystal-Palace-RDLL-template-for-Adaptix
View on GitHub
☆37Feb 12, 2026Updated last month
thalium / rkchk
View on GitHub
Rust Linux Kernel Module designed for LKM rootkit detection
☆60Mar 12, 2025Updated last year
tehstoni / cmstp_uac_bypass_bof
View on GitHub
☆15May 30, 2025Updated 9 months ago
KiExitDispatcher / PhantomDelay
View on GitHub
PhantomDelay is a precise delay function that uses the Windows high resolution performance counter to pause your program for a specified …
☆19May 8, 2025Updated 10 months ago
al1abb / cybersecurity-vault-obsidian
View on GitHub
Obsidian Vault for my Cybersecurity learning
☆10Oct 20, 2024Updated last year
itaymigdal / Poshito
View on GitHub
Poshito is a Windows C2 over Telegram
☆21Oct 30, 2024Updated last year
nbaertsch / Shrike
View on GitHub
Hunting and injecting RWX 'mockingjay' DLLs in pure nim
☆60Dec 11, 2024Updated last year
kleiton0x00 / RtlHijack
View on GitHub
Alternative Read and Write primitives using Rtl* functions the unintended way.
☆79Aug 25, 2025Updated 6 months ago
mrLochness350 / Libload-Reflective
View on GitHub
☆17Feb 14, 2025Updated last year
Print3M / epic
View on GitHub
PIC shellcode (C/C++) development toolkit designed for malware developers.
☆121Dec 23, 2025Updated 2 months ago
Teach2Breach / noldr
View on GitHub
Dynamically resolve API function addresses at runtime in a secure manner.
☆73Nov 11, 2025Updated 4 months ago
0xsh3llf1r3 / ColdWer
View on GitHub
Cobalt Strike BOF to freeze EDR/AV processes and dump LSASS using WerFaultSecure.exe PPL bypass
☆121Jan 29, 2026Updated last month
pruno7 / nEkko
View on GitHub
A nim port of C5pider's Ekko project.
☆17Oct 1, 2022Updated 3 years ago
zero2504 / Early-Cryo-Bird-Injections
View on GitHub
Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects
☆139Apr 6, 2025Updated 11 months ago
KiExitDispatcher / Amsi-Patch-Updated-2025
View on GitHub
How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.
☆26Apr 21, 2025Updated 10 months ago
CompassSecurity / conkeyscan
View on GitHub
A Pentesters Confluence Keyword Scanner
☆17Dec 3, 2024Updated last year
amroes / FlexSheller
View on GitHub
☆12Feb 4, 2025Updated last year
nbaertsch / AutoAppDomainHijack
View on GitHub
Automated .NET AppDomain hijack payload generation
☆129Feb 4, 2025Updated last year
0xflux / Vectored-Exception-Handling-Squared
View on GitHub
Vectored Exception Handling Squared
☆31Dec 27, 2025Updated 2 months ago
Teach2Breach / pool_party_rs
View on GitHub
remote process injections using pool party techniques
☆70Jun 29, 2025Updated 8 months ago
smokeme / asar-backdoor
View on GitHub
☆33Mar 19, 2025Updated last year
OtterHacker / M365Pwned
View on GitHub
Two WinForms GUI tools for enumerating, searching, and exfiltrating data from M365 environments using application-level OAuth tokens
☆149Mar 4, 2026Updated 2 weeks ago
EvilBytecode / EByte-Pattern-AmsiPatch
View on GitHub
Pattern-based AMSI bypass that patches AMSI.dll in memory by modifying comparison values, conditional jumps, and function prologues to ne…
☆28May 13, 2025Updated 10 months ago
In3x0rabl3 / Proxywatch
View on GitHub
ProxyWatch
☆46Feb 28, 2026Updated 3 weeks ago
zux0x3a / Phantom
View on GitHub
Phantom is project created to perform loading and executing .NET assemblies directly in memory within an IIS environment running in full‑…
☆68Mar 10, 2026Updated last week
garrettfoster13 / CVE-2025-59501
View on GitHub
CVE-2025-59501 POC code
☆25Nov 20, 2025Updated 4 months ago
alex-ilgayev / windbg-kernel-debug-cheat-sheet
View on GitHub
Helpful WinDBG command for kernel debugging
☆28Nov 29, 2020Updated 5 years ago
joaoviictorti / coffeeldr
View on GitHub
A COFF Loader written in Rust
☆140Dec 1, 2025Updated 3 months ago
fin3ss3g0d / StoneKeeper
View on GitHub
StoneKeeper C2, an experimental EDR evasion framework for research purposes
☆209Dec 25, 2024Updated last year
mihaly044 / pedigest
View on GitHub
Helper functions for calculating the authenticode digest for a portable executable file
☆21Apr 30, 2020Updated 5 years ago