Alternatives and similar repositories for malware-research

Users that are interested in malware-research are comparing it to the libraries listed below

• jfmaes / Emulation-Workshop
  The repository accompanying the Buer Emulation workshop
  ☆24Updated 3 years ago
• Cobalt-Strike / ZeroLogon-BOF
  ☆12Updated 4 years ago
• lapolis / palinka_c2
  Just another useless C2 occupying space in some HDD somewhere.
  ☆20Updated 2 years ago
• ChoiSG / GwisinMsi
  PoC MSI payload based on ASEC/AhnLab's blog post
  ☆23Updated 2 years ago
• vletoux / OxidBindings
  Extract all IP of a computer using DCOM without authentication (aka detect network used for administration)
  ☆26Updated 5 years ago
• nccgroup / UninstalledAppCanary
  A Canary which fires when uninstalled
  ☆34Updated 4 years ago
• chvancooten / nimbuild
  A Docker container used to easily compile Nim binaries generated by my tools (NimPackt and NimPlant)
  ☆16Updated last year
• jfmaes / Clippi-B
  ☆35Updated 5 years ago
• NVISOsecurity / cobalt-strike-notifier
  ☆14Updated 3 years ago
• fozavci / ransoblin
  Ransoblin (Ransomware Bokoblin)
  ☆18Updated 4 years ago
• R-Secure / AMSI-Bypasses
  This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome…
  ☆24Updated 3 years ago
• xenoscr / compressedCredBandit
  A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.
  ☆19Updated 4 years ago
• knavesec / EyeWitnessTheFitness
  Exactly what it sounds like, which is something rad
  ☆22Updated 2 years ago
• tmenochet / ADThief
  Post-exploitation tool for attacking Active Directory domain controllers
  ☆18Updated 2 years ago
• shlyuz / teamserver
  ☆12Updated 3 years ago
• twelvesec / dexter
  Data EXfiltration TestER
  ☆21Updated 5 years ago
• byt3bl33d3r / herpaderping
  Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in…
  ☆19Updated 4 years ago
• vyrus001 / ebowla-2
  reboot of https://github.com/Genetic-Malware/Ebowla in order to simplify / modernize the codebase and provide ongoing support
  ☆23Updated 3 years ago
• threatexpress / edc
  Event Data Collector
  ☆38Updated last week
• Aetsu / drakus
  Drakus allows you to monitor the artifacts and domains used in a Red Team exercise to see if they have been uploaded to certain online ma…
  ☆13Updated 4 years ago
• Syslifters / split-bloodhound
  ☆18Updated last year
• NVISOsecurity / FileSearcher
  ☆24Updated 5 years ago
• uf0o / PykDumper
  Dumping credentials through windbg and pykd
  ☆41Updated last year
• ricardojoserf / http-protocol-exfil
  Exfiltrate files using the HTTP protocol version ("HTTP/1.0" is a 0 and "HTTP/1.1" is a 1)
  ☆23Updated 3 years ago
• jfmaes / Red-Route53-Interactive
  ☆18Updated 4 years ago
• shantanu561993 / Awesome_Firebase_DomainFront
  Firebase Domain Front Code
  ☆21Updated 4 years ago
• NorthwaveSecurity / kernel-mii
  Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.
  ☆29Updated 2 years ago
• password-reset / TrelloC2
  Simple C2 over the Trello API
  ☆38Updated 2 years ago
• egypt / fake-webdav
  ☆11Updated 4 years ago
• fastlorenzo / redelk-server
  Ansible role to deploy RedELK server
  ☆18Updated last year