Alternatives and similar repositories for pycave

Users that are interested in pycave are comparing it to the libraries listed below

• hasherezade / pe2pic
  Small visualizator for PE files
  ☆69Updated last year
• RichHeaderResearch / RichPE
  Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks
  ☆68Updated 4 years ago
• panagioto / Mimir
  A C++ POC for process injection using NtCreateSectrion, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes…
  ☆43Updated 4 years ago
• Coalfire-Research / ERC.Xdbg
  An Xdbg Plugin of the ERC Library.
  ☆26Updated last year
• ITAYC0HEN / SUNBURST-Cracked
  The following repository contains a modified version of SUNBURST with cracekd hashes, comments and annotations.
  ☆56Updated 4 years ago
• enkomio / thematrix
  a PE Loader and Windows API tracer. Useful in malware analysis.
  ☆143Updated 2 years ago
• obscuritylabs / PeFixup
  PE File Blessing - To continue or not to continue
  ☆87Updated 5 years ago
• uf0o / PykDumper
  Dumping credentials through windbg and pykd
  ☆41Updated last year
• airbus-cert / vbSparkle
  VBScript & VBA source-to-source deobfuscator with partial-evaluation
  ☆80Updated last year
• GrayKernel / GrayFrost
  C++ DLL Bootstrapper for spinning up the CLR for C# Payloads
  ☆44Updated 6 years ago
• xalicex / kernel-debug-lab-for-virtual-box
  How to set up 2 VirtualBox VM to debug kernel driver using windbg
  ☆55Updated 3 years ago
• Dump-GUY / ghidra_scripts
  ☆71Updated 2 years ago
• DidierStevens / FalsePositives
  Tools that trigger False Positive AV alerts
  ☆50Updated 8 months ago
• repnz / shellcode2exe
  Batch script to compile a binary shellcode blob into an exe file
  ☆88Updated 6 years ago
• manyfacedllama / amsi-tracer
  Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …
  ☆111Updated 4 years ago
• hasherezade / hidden_bee_tools
  Parser for a custom executable formats from Hidden Bee and Rhadamanthys malware
  ☆55Updated 3 weeks ago
• OALabs / trashdbg
  TrashDBG the world's worse debugger
  ☆23Updated 3 years ago
• d00rt / ebfuscator
  Ebfuscator: Abusing system errors for binary obfuscation
  ☆52Updated 5 years ago
• p0dalirius / pyPDBdownload
  A Python script to download PDB files associated with a Portable Executable (PE)
  ☆125Updated 6 months ago
• SafeBreach-Labs / SimpleBITSServer
  A simple python implementation of a BITS server.
  ☆105Updated 3 years ago
• amitwaisel / Malproxy
  Proxy system calls over an RPC channel
  ☆99Updated 3 years ago
• Maff1t / WindowsPermsPoC
  A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows
  ☆53Updated 4 years ago
• ethereal-vx / Persistence
  Recreating and reviewing the Windows persistence methods
  ☆39Updated 3 years ago
• thesecretclub / ArbitraryDirectoryDeletion
  From directory deletion to SYSTEM shell
  ☆111Updated 5 years ago
• zacateras / sddl-parser
  Security Descriptor Definition Language (SDDL) Parser
  ☆38Updated 5 years ago
• a1ext / Windows-Exploit-Suggester
  This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on th…
  ☆15Updated 4 years ago
• FuzzySecurity / BulkBindex
  Winbindex bot to pull in binaries for specific releases
  ☆48Updated last year
• mandiant / dncil
  The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.
  ☆166Updated last month
• alexander-hanel / gopep
  Go Lang Portable Executable Parser
  ☆39Updated 4 years ago
• memprocfshunt / MemProcFSHunter
  A powershell parser for https://github.com/ufrisk/MemProcFS
  ☆44Updated 4 years ago