Alternatives and similar repositories for pycave

Users that are interested in pycave are comparing it to the libraries listed below

• panagioto / Mimir
  A C++ POC for process injection using NtCreateSectrion, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes…
  ☆45Updated 4 years ago
• Coalfire-Research / ERC.Xdbg
  An Xdbg Plugin of the ERC Library.
  ☆26Updated 2 years ago
• obscuritylabs / PeFixup
  PE File Blessing - To continue or not to continue
  ☆87Updated 6 years ago
• RichHeaderResearch / RichPE
  Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks
  ☆70Updated 4 years ago
• GrayKernel / GrayFrost
  C++ DLL Bootstrapper for spinning up the CLR for C# Payloads
  ☆44Updated 6 years ago
• zacateras / sddl-parser
  Security Descriptor Definition Language (SDDL) Parser
  ☆38Updated 4 months ago
• uf0o / PykDumper
  Dumping credentials through windbg and pykd
  ☆41Updated 2 years ago
• hasherezade / pe2pic
  Small visualizator for PE files
  ☆70Updated 2 years ago
• ITAYC0HEN / SUNBURST-Cracked
  The following repository contains a modified version of SUNBURST with cracekd hashes, comments and annotations.
  ☆56Updated 5 years ago
• FuzzySecurity / Driver-Template
  Bare template for a Kernel Mode Driver
  ☆51Updated 5 years ago
• CERTCC / privesc
  Process Monitor filter for finding privilege escalation vulnerabilities on Windows
  ☆79Updated 4 years ago
• Maff1t / WindowsPermsPoC
  A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows
  ☆52Updated 4 years ago
• Wenzel / osw-fs-windows
  A git history of Windows filesystems
  ☆77Updated 5 years ago
• amitwaisel / Malproxy
  Proxy system calls over an RPC channel
  ☆100Updated 4 years ago
• DanusMinimus / Injections
  A repository where I share my injection implemintations
  ☆29Updated 5 years ago
• xalicex / kernel-debug-lab-for-virtual-box
  How to set up 2 VirtualBox VM to debug kernel driver using windbg
  ☆57Updated 3 years ago
• DidierStevens / FalsePositives
  Tools that trigger False Positive AV alerts
  ☆53Updated last year
• epi052 / rustdsplit
  At some point, I learned about a method to perform a binary search on a file in order to identify its AV signature and change it to bypas…
  ☆36Updated 5 years ago
• FuzzySecurity / BulkBindex
  Winbindex bot to pull in binaries for specific releases
  ☆48Updated 2 years ago
• mattifestation / PoCSubjectInterfacePackage
  A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.
  ☆100Updated 8 years ago
• manyfacedllama / amsi-tracer
  Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …
  ☆111Updated 4 years ago
• hotnops / COM_Mapper
  A tool to create COM class/interface relationships in neo4j
  ☆50Updated 3 years ago
• ethereal-vx / Persistence
  Recreating and reviewing the Windows persistence methods
  ☆39Updated 4 years ago
• p0dalirius / pyPDBdownload
  A Python script to download PDB files associated with a Portable Executable (PE)
  ☆128Updated 11 months ago
• oneNutW0nder / CatTails
  Raw socket library/framework for red team events
  ☆33Updated 2 years ago
• Cyb3rWard0g / WinRpcFunctions
  ☆68Updated 3 years ago
• OmerYa / Named-Pipe-Sniffer
  Mario & Luigi - Tools for sniffing Windows Named Pipes communication
  ☆129Updated 9 years ago
• thesecretclub / ArbitraryDirectoryDeletion
  From directory deletion to SYSTEM shell
  ☆111Updated 5 years ago
• zerosum0x0-archive / archive
  ☆59Updated 4 years ago
• robindimyan / MalwareVulnerabilitiesExposures
  Malware vulnerability research. Coming soon..
  ☆12Updated 5 years ago