Alternatives and similar repositories for vx:

Users that are interested in vx are comparing it to the libraries listed below

• am0nsec / wspe
  Windows System Programming Experiments
  ☆219Updated 2 years ago
• connormcgarr / Kernel-Exploits
  Kernel Exploits
  ☆250Updated 3 years ago
• manyfacedllama / amsi-tracer
  Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …
  ☆108Updated 3 years ago
• commial / experiments
  Expriments
  ☆452Updated 5 months ago
• ayoubfaouzi / windows-exploitation
  My notes while studying Windows exploitation
  ☆186Updated last year
• hasherezade / masm_shc
  A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.
  ☆172Updated 3 months ago
• shogunlab / building-c2-implants-in-cpp
  The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).
  ☆227Updated 3 months ago
• VoidSec / Exploit-Development
  Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
  ☆220Updated last year
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆129Updated last year
• rad9800 / WTSRM
  WTSRM
  ☆209Updated 2 years ago
• aaaddress1 / Skrull
  Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers t…
  ☆453Updated 3 years ago
• Cracked5pider / conti_locker
  Conti Locker source code
  ☆188Updated 3 years ago
• dalvarezperez / CreateFile_based_rootkit
  ☆133Updated 2 weeks ago
• CCob / SylantStrike
  Simple EDR implementation to demonstrate bypass
  ☆171Updated 4 years ago
• forrest-orr / phantom-dll-hollower-poc
  Phantom DLL hollowing PoC
  ☆358Updated 2 years ago
• tbhaxor / WinAPI-RedBlue
  Source code of exploiting windows API for red teaming series
  ☆148Updated 2 years ago
• hasherezade / module_overloading
  A more stealthy variant of "DLL hollowing"
  ☆342Updated last year
• rad9800 / TamperingSyscalls
  ☆475Updated 2 years ago
• br-sn / CheekyBlinder
  Enumerating and removing kernel callbacks using signed vulnerable drivers
  ☆556Updated 2 years ago
• Fyyre / DrvMon
  Advanced driver monitoring utility.
  ☆207Updated 2 years ago
• reevesrs24 / EvasiveProcessHollowing
  Evasive Process Hollowing Techniques
  ☆137Updated 4 years ago
• Unprotect-Project / Unprotect_Submission
  Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…
  ☆158Updated last month
• c0de90e7 / GhostWriting
  GhostWriting Injection Technique.
  ☆168Updated 6 years ago
• c3rb3ru5d3d53c / mwcfg
  A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck
  ☆127Updated last year
• trustedsec / COFFLoader
  ☆505Updated 4 months ago
• uf0o / rootkit-arsenal-guacamole
  An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples
  ☆69Updated 2 years ago
• huntandhackett / concealed_code_execution
  Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows
  ☆205Updated 2 years ago
• WithSecureLabs / CallStackSpoofer
  A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)
  ☆471Updated 2 years ago
• crummie5 / FreshyCalls
  FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!
  ☆327Updated 2 years ago
• y11en / FOLIAGE
  Experiment on reproducing Obfuscate & Sleep
  ☆142Updated 4 years ago