Alternatives and similar repositories for malware-research:

Users that are interested in malware-research are comparing it to the libraries listed below

• jfmaes / Emulation-Workshop
  The repository accompanying the Buer Emulation workshop
  ☆24Updated 3 years ago
• ChoiSG / GwisinMsi
  PoC MSI payload based on ASEC/AhnLab's blog post
  ☆23Updated 2 years ago
• shlyuz / teamserver
  ☆12Updated 2 years ago
• fozavci / ransoblin
  Ransoblin (Ransomware Bokoblin)
  ☆17Updated 4 years ago
• vyrus001 / ebowla-2
  reboot of https://github.com/Genetic-Malware/Ebowla in order to simplify / modernize the codebase and provide ongoing support
  ☆22Updated 3 years ago
• Cobalt-Strike / ZeroLogon-BOF
  ☆11Updated 4 years ago
• byt3bl33d3r / herpaderping
  Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in…
  ☆19Updated 4 years ago
• py7hagoras / OfficeMacro64
  This is a 64 bit VBA implementation of Christophe Tafani-Dereeper's original VBA code described in his blog @ https://blog.christophetd.f…
  ☆20Updated 5 years ago
• FuzzySecurity / Presentations
  A collection of my presentation materials.
  ☆16Updated 9 months ago
• Syslifters / split-bloodhound
  ☆17Updated last year
• rvrsh3ll / SharpSSDP
  SSDP Service Discovery
  ☆16Updated 6 years ago
• vletoux / OxidBindings
  Extract all IP of a computer using DCOM without authentication (aka detect network used for administration)
  ☆26Updated 4 years ago
• fashionproof / RunHijackHunter
  ☆16Updated 3 years ago
• NVISOsecurity / cobalt-strike-notifier
  ☆13Updated 3 years ago
• knavesec / EyeWitnessTheFitness
  Exactly what it sounds like, which is something rad
  ☆21Updated 2 years ago
• xenoscr / compressedCredBandit
  A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.
  ☆18Updated 3 years ago
• Stealthbits / RIDHijackingProofofConceptKJ
  RID Hijacking Proof of Concept script by Kevin Joyce
  ☆15Updated 6 years ago
• chvancooten / nimbuild
  A Docker container used to easily compile Nim binaries generated by my tools (NimPackt and NimPlant)
  ☆15Updated last year
• threatexpress / edc
  Event Data Collector
  ☆36Updated 7 months ago
• singe / nthasher
  A fast wordlist to nthash converter
  ☆21Updated 3 years ago
• mgeeky / EvilClippy
  A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro…
  ☆23Updated 2 years ago
• Aetsu / drakus
  Drakus allows you to monitor the artifacts and domains used in a Red Team exercise to see if they have been uploaded to certain online ma…
  ☆13Updated 4 years ago
• MythicAgents / atlas
  ☆13Updated last year
• lapolis / palinka_c2
  Just another useless C2 occupying space in some HDD somewhere.
  ☆20Updated last year
• outflanknl / RedFile
  Serving files with conditions, serverside keying and more.
  ☆18Updated 2 years ago
• EspressoCake / Cobalt_Strike_Ansible
  A project to replicate the functionality of Noah Powers' ServerSetup script, but with error handling and fixed Namecheap API support.
  ☆33Updated 3 years ago
• Octoberfest7 / Proxy_Egress_Persistence
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆32Updated 2 years ago
• aj-code / 3gsocks
  3gsocks - a reverse connection socks5 based network pivot
  ☆10Updated 3 years ago
• fastlorenzo / redelk-server
  Ansible role to deploy RedELK server
  ☆18Updated last year