Alternatives and similar repositories for pycave

Users that are interested in pycave are comparing it to the libraries listed below

• obscuritylabs / PeFixup
  PE File Blessing - To continue or not to continue
  ☆87Updated 5 years ago
• Coalfire-Research / ERC.Xdbg
  An Xdbg Plugin of the ERC Library.
  ☆26Updated last year
• ITAYC0HEN / SUNBURST-Cracked
  The following repository contains a modified version of SUNBURST with cracekd hashes, comments and annotations.
  ☆56Updated 4 years ago
• hasherezade / pe2pic
  Small visualizator for PE files
  ☆70Updated 2 years ago
• panagioto / Mimir
  A C++ POC for process injection using NtCreateSectrion, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes…
  ☆43Updated 4 years ago
• memprocfshunt / MemProcFSHunter
  A powershell parser for https://github.com/ufrisk/MemProcFS
  ☆43Updated 4 years ago
• RichHeaderResearch / RichPE
  Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks
  ☆68Updated 4 years ago
• Dump-GUY / ghidra_scripts
  ☆72Updated 2 years ago
• jthuraisamy / DIRT
  Driver Initial Reconnaissance Tool
  ☆123Updated 5 years ago
• zacateras / sddl-parser
  Security Descriptor Definition Language (SDDL) Parser
  ☆38Updated 3 weeks ago
• hotnops / RemoteDebugView
  A DLL that serves OutputDebugString content over a TCP connection
  ☆36Updated 4 years ago
• manyfacedllama / amsi-tracer
  Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …
  ☆112Updated 4 years ago
• amitwaisel / Malproxy
  Proxy system calls over an RPC channel
  ☆99Updated 3 years ago
• OmerYa / Named-Pipe-Sniffer
  Mario & Luigi - Tools for sniffing Windows Named Pipes communication
  ☆129Updated 8 years ago
• nao-sec / rr_decoder
  Royal Road RTF Weaponizer object decoder
  ☆24Updated last year
• xalicex / kernel-debug-lab-for-virtual-box
  How to set up 2 VirtualBox VM to debug kernel driver using windbg
  ☆56Updated 3 years ago
• hotnops / COM_Mapper
  A tool to create COM class/interface relationships in neo4j
  ☆50Updated 3 years ago
• DanusMinimus / Injections
  A repository where I share my injection implemintations
  ☆29Updated 5 years ago
• airbus-cert / cacdec
  The hidden mstsc recorder player
  ☆29Updated 5 years ago
• DidierStevens / FalsePositives
  Tools that trigger False Positive AV alerts
  ☆52Updated 9 months ago
• alexander-hanel / gopep
  Go Lang Portable Executable Parser
  ☆38Updated 4 years ago
• daddycocoaman / turdshovel
  Dump objects from .NET dumps.
  ☆51Updated 3 years ago
• SafeBreach-Labs / SimpleBITSServer
  A simple python implementation of a BITS server.
  ☆105Updated 3 years ago
• FuzzySecurity / BulkBindex
  Winbindex bot to pull in binaries for specific releases
  ☆48Updated 2 years ago
• d00rt / ebfuscator
  Ebfuscator: Abusing system errors for binary obfuscation
  ☆52Updated 5 years ago
• intezer / analyze-community-ghidra-plugin
  Ghidra plugin for https://analyze.intezer.com
  ☆72Updated 2 years ago
• GrayKernel / GrayFrost
  C++ DLL Bootstrapper for spinning up the CLR for C# Payloads
  ☆44Updated 6 years ago
• jthuraisamy / av-fingerprints
  Antivirus Emulator Fingerprints
  ☆29Updated 7 years ago
• uf0o / PykDumper
  Dumping credentials through windbg and pykd
  ☆41Updated 2 years ago
• OmerYa / Babel-Shellfish
  Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.
  ☆43Updated 6 years ago