Alternatives and similar repositories for Anti-Forensics

Users that are interested in Anti-Forensics are comparing it to the libraries listed below

• georgesotiriadis / MalwareDev
  ☆86Updated 3 years ago
• jaredcatkinson / MalwareMorphology
  ☆84Updated last year
• sensepost / mydumbedr
  ☆120Updated 2 years ago
• lewiswigmore / virus.xcheck
  Virus.xcheck is a Python tool designed to bulk verify the existence of file hashes in the Virus Exchange database and fetch download URLs…
  ☆60Updated 4 months ago
• rtfmkiesel / loldrivers-client
  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
  ☆89Updated 2 months ago
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆108Updated 2 years ago
• naacbin / CovenantDecryptor
  ☆35Updated 2 years ago
• eric-conrad / c2-talk
  ☆37Updated last year
• dr4k0nia / tooling-playground
  A collection of small scripts and tools for deobfuscation and malware analysis.
  ☆66Updated 2 years ago
• dodo-sec / Malware-Analysis
  ☆138Updated 2 years ago
• daddycocoaman / dumpscan
  Finding secrets in kernel and user memory
  ☆116Updated 2 years ago
• 0x4141414141 / Malware-Devlopment
  Work in progress experiments with reverse shells, AV bypass and extraction of secrets from memory in C
  ☆39Updated 6 years ago
• DISREL / Conti-Leaked-Playbook-TTPs
  MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
  ☆41Updated 4 years ago
• MatheuZSecurity / Imperius
  Make an Linux Kernel rootkit visible again.
  ☆59Updated 11 months ago
• hackerhouse-opensource / Artillery
  CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…
  ☆182Updated last week
• StrangerealIntel / Shadow-Pulse
  information about ransomware groups (Ransomware Analysis Notes)
  ☆40Updated 2 years ago
• ghostpepper108 / Evasion
  ☆107Updated 2 years ago
• hackerhouse-opensource / WMIProcessWatcher
  A CIA tradecraft technique to asynchronously detect when a process is created using WMI.
  ☆137Updated last week
• MalwareTech / HiddenDesktop
  Create and enumerate hidden desktops.
  ☆89Updated 2 years ago
• LambdaMamba / LenaMalwareAnalysis
  Lena's scripts/code/resources for malware analysis
  ☆26Updated last year
• reecdeep / hollowise
  Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …
  ☆39Updated 11 months ago
• hwvs / Invoke-GPTObfuscation
  Powershell implementation of a novel technique. Invoke-GPTObfuscation is a PowerShell Obfuscator that utilizes OpenAI (and other APIs) to…
  ☆48Updated 2 years ago
• SafeBreach-Labs / DoubleDrive
  A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files
  ☆128Updated last year
• eversinc33 / TriageMCP
  Vibe Malware Triage - MCP server for static PE analysis.
  ☆74Updated 2 months ago
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆124Updated last month
• macrl2000 / reaper-wu
  vulnlab.com reaper writeup
  ☆27Updated 2 years ago
• SafeBreach-Labs / wd-pretender
  ☆133Updated 2 years ago
• LOFL-Project / LOFLCAB
  ☆56Updated last year
• yo-yo-yo-jbo / injection_and_hooking_intro
  ☆38Updated 2 years ago
• S3N4T0R-0X0 / APT28-Adversary-Simulation
  This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe
  ☆38Updated last year