Alternatives and similar repositories for malware-research

Users that are interested in malware-research are comparing it to the libraries listed below

• jfmaes / Emulation-Workshop
  The repository accompanying the Buer Emulation workshop
  ☆24Updated 4 years ago
• uf0o / PykDumper
  Dumping credentials through windbg and pykd
  ☆41Updated last year
• Cobalt-Strike / ZeroLogon-BOF
  ☆12Updated 4 years ago
• twelvesec / dexter
  Data EXfiltration TestER
  ☆21Updated 6 years ago
• 3ndG4me / AgentSmith
  Golang C2 Agent PoC utilizing web and social media paltforms to issue command and control and pasting results to PasteBin
  ☆16Updated 5 years ago
• jfmaes / Red-Route53-Interactive
  ☆18Updated 5 years ago
• byt3bl33d3r / herpaderping
  Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in…
  ☆20Updated 4 years ago
• FuzzySecurity / Presentations
  A collection of my presentation materials.
  ☆17Updated last year
• moohax / RedML
  Collection of red machine learning projects
  ☆41Updated 4 years ago
• chvancooten / nimbuild
  A Docker container used to easily compile Nim binaries generated by my tools (NimPackt and NimPlant)
  ☆16Updated last year
• SecurityJosh / MuteSysmon
  A PowerShell script to prevent Sysmon from writing its events
  ☆16Updated 5 years ago
• jfmaes / Clippi-B
  ☆36Updated 5 years ago
• HuskyHacks / RustyTokenManipulation
  just manipulatin these here tokens yes sir nothing weird
  ☆22Updated 3 years ago
• sourcefrenchy / goqrexfil
  A mini project to exfiltrate data via QR codes
  ☆19Updated 3 weeks ago
• ChoiSG / GwisinMsi
  PoC MSI payload based on ASEC/AhnLab's blog post
  ☆23Updated 2 years ago
• qsecure-labs / Sp00fer
  Sp00fer blog post -
  ☆26Updated 3 years ago
• trustedsec / inProc_Evade_Get-InjectedThread
  PoC code from blog
  ☆16Updated 5 years ago
• redcode-labs / poXSSon
  A framework for easy payloads development and deployment, collection of customizable XSS payloads
  ☆26Updated 3 years ago
• whichbuffer / Lockbit-Black-3.0
  ☆24Updated 3 years ago
• Retrospected / kerbmon
  Continuous kerberoast monitor
  ☆45Updated 2 years ago
• fozavci / ransoblin
  Ransoblin (Ransomware Bokoblin)
  ☆18Updated 4 years ago
• purpl3f0xsecur1ty / OSCE-prep
  Exploits made practicing for OSCE
  ☆23Updated 4 years ago
• redcode-labs / Solaris
  A local LKM rootkit loader/dropper that lists available security mechanisms
  ☆52Updated 3 years ago
• sneakerhax / C2PE
  Red Team C2 and Post Exploitation code
  ☆37Updated last month
• keydet89 / LNK
  Repository for LNK stuff
  ☆31Updated 2 years ago
• fastlorenzo / redelk-kibana-app
  Kibana app for RedELK
  ☆17Updated 2 years ago
• nccgroup / UninstalledAppCanary
  A Canary which fires when uninstalled
  ☆34Updated 4 years ago
• SpiderLabs / pingback
  ☆28Updated 4 years ago
• nccgroup / mimikatz-detector-busylight
  USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec…
  ☆20Updated 2 years ago
• biitez / AWare
  PoC Ransomware with Coinbase Commerce integration built on C# .NET Framework (console) and PHP
  ☆25Updated 3 years ago