Alternatives and similar repositories for malware

Users that are interested in malware are comparing it to the libraries listed below

• Darkabode / possessor
  User-mode part of Zerokit platform
  ☆22Updated 6 years ago
• GeoSn0w / Hexify
  A quick String < - > HEX tool for Windows with Drag & Drop and File saving
  ☆12Updated 6 years ago
• therealdreg / emuhookdetector
  hook detector using emulation and comparing static with dynamic outputs
  ☆17Updated 2 years ago
• zhuyue1314 / stoned-UEFI-bootkit
  ☆27Updated 9 years ago
• stephenfewer / OllyCallTrace
  OllyCallTrace is a plugin for OllyDbg to trace the call chain of a thread.
  ☆54Updated 13 years ago
• MortenSchenk / Privilege_Shellcode
  Kernel Shellcode to add all privileges in token
  ☆15Updated 8 years ago
• atlantis2013 / Evasion-Tools
  Anti-technique Codes, Detection of Anti-technique codes
  ☆38Updated 11 years ago
• mahmudz / malware
  ☆27Updated 8 years ago
• yaseralnajjar / deobfuscation-helper
  A simple tool to help reverse engineers while dealing with obfuscated code.
  ☆20Updated 9 years ago
• Darkabode / amte
  Analysis and Modification Tool for Executables
  ☆17Updated 6 years ago
• rwfpl / rewolf-pcausa-exploit
  PCAUSA Rawether for Windows Local Privilege Escalation
  ☆39Updated 8 years ago
• owerosu / packerPE32
  Simple PE packer with RtlCompressBuffer
  ☆21Updated 10 years ago
• Cr4sh / IDA-UbiGraph
  IDA Pro plug-in and tools for displaying 3D graphs of procedures using UbiGraph
  ☆26Updated 12 years ago
• n3k / misc_exploits_pocs
  Miscellaneous old Exploit code and PoCs
  ☆16Updated last year
• ximerus / Kryptonite
  A Win32 PE/Executable Crypter that employs on the fly encryption & decryption of memory
  ☆33Updated 11 years ago
• swatkat / arkitlib
  Windows anti-rootkit library
  ☆36Updated 10 years ago
• EvilKnight1986 / Simrep
  windows kernel File redirection
  ☆20Updated 11 years ago
• blaquee / APCHook
  hooking KiUserApcDispatcher
  ☆25Updated 8 years ago
• ScorchSecurity / Toast
  User-mode hook bypassing method
  ☆33Updated 9 years ago
• weixu8 / RegistryMonitor
  Formely KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun l…
  ☆21Updated 11 years ago
• huku- / injectdso
  A collection of tools for injecting DSOs in processes under various operating systems
  ☆50Updated 3 years ago
• RolfRolles / HiddenBeeLoader
  IDA loader module for Hidden Bee's custom executable file format
  ☆20Updated 7 years ago
• sogeti-esec-lab / REBoot
  Bootkits Revisited
  ☆40Updated 11 years ago
• coldshell / IDA-appcall
  ☆13Updated 8 years ago
• kysam / NhoVirtualizer
  A simple native code virtualizer for 32-bit Windows PE
  ☆15Updated 9 years ago
• Iciclez / memory-analyzer-x86
  A loadable dll that tracks memory changes, IAT hooks, and dynamically emplaced "JMP" in the x86 host executable.
  ☆12Updated last year
• strazzere / dalvik-header-plugin
  Dalvik Header Plugin for IDA Pro
  ☆23Updated 12 years ago
• edix / MalwareResourceScanner
  Scanning and identifying XOR encrypted PE files in PE resources
  ☆28Updated 11 years ago
• Prevenity / malware_monitor
  Malware monitor template based on MinHook
  ☆16Updated 10 years ago
• Cr4sh / SimpleUnpacker
  Simple tool for unpacking packed/protected malware executables.
  ☆33Updated 13 years ago