Alternatives and similar repositories for DotNet-MetaData

Users that are interested in DotNet-MetaData are comparing it to the libraries listed below

• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆42Updated 2 years ago
• FarghlyMal / Config-Extractors
  ☆27Updated 6 months ago
• codewhitesec / apollon
  Proof-of-Concept to evade auditd by writing /proc/PID/mem
  ☆21Updated last year
• Foolish1337 / kernel-programming
  Progress of learning kernel development
  ☆14Updated 2 years ago
• EgeBalci / syscall_api
  ☆37Updated last year
• SolomonSklash / COM-Hijacking
  An example of COM hijacking using a proxy DLL.
  ☆28Updated 3 years ago
• nullsection / SharpETW-Patch
  ☆23Updated last year
• matthw / malware_analysis
  ☆18Updated last year
• xforcered / DayBird
  Extension functionality for the NightHawk operator client
  ☆27Updated last year
• cod3nym / Ghosting-AMSI
  Ghosting-AMSI
  ☆17Updated last month
• rbmm / Services
  ☆18Updated 4 months ago
• TarlogicSecurity / sepriv
  Tool to manage user privileges
  ☆28Updated 5 years ago
• dis0rder0x00 / CanYouCTheThief
  A C implementation of the Sektor7 "A Thief" Windows privesc technique.
  ☆62Updated 3 years ago
• codewhitesec / daphne
  Proof-of-Concept to evade auditd by tampering via ptrace
  ☆17Updated last year
• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆17Updated last year
• vysecurity / PacketParser
  A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.
  ☆21Updated 10 months ago
• ChoiSG / GwisinMsi
  PoC MSI payload based on ASEC/AhnLab's blog post
  ☆23Updated 2 years ago
• hasherezade / pesieve-go
  Golang bindings for PE-sieve
  ☆43Updated last year
• D4rthMaulCop / DarthNetLoader
  ☆15Updated last year
• samisecure / LsassDumpReflectiveDll
  Dump Lsass Memory Using a Reflective Dll
  ☆14Updated 3 years ago
• 7eRoM / tutorials
  ☆16Updated 3 weeks ago
• bot984397 / eepy
  ☆31Updated last month
• thiagopeixoto / allsysno
  This tool parses NTDLL.DLL, extracts all the syscall numbers and helps in making direct syscalls, in order to help evasion.
  ☆15Updated 2 years ago
• waleedassar / SyscallNumberExtractor
  ☆24Updated 3 years ago
• therealunicornsecurity / tricard
  Tricard - Malware Sandbox Fingerprinting
  ☆20Updated last year
• rbmm / ARL
  ☆24Updated 4 months ago
• Teach2Breach / NtCreateUserProcess_rs
  example using NtCreateUserProcess in rust
  ☆19Updated 4 months ago
• FuzzySecurity / SAFACon-Vienna
  ☆23Updated last year
• 0xv1n / proc-suspend
  powershell script i wrote that can suspend an arbitrary process (with limits)
  ☆20Updated 2 years ago
• Octoberfest7 / Proxy_Egress_Persistence
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆32Updated 2 years ago