Alternatives and similar repositories for cape-docker

Users that are interested in cape-docker are comparing it to the libraries listed below

• Bw3ll / sharem
  SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…
  ☆467Updated 4 months ago
• itaymigdal / awesome-injection
  Centralized resource for listing and organizing known injection techniques and POCs
  ☆648Updated last month
• BlackSnufkin / BYOVD
  BYOVD research use cases featuring vulnerable driver discovery and reverse engineering methodology. (CVE-2025-52915, CVE-2025-1055,).
  ☆418Updated 3 weeks ago
• CAPESandbox / CAPE-parsers
  CAPE core and community parsers
  ☆15Updated last week
• zeze-zeze / ioctlance
  A tool that is used to hunt vulnerabilities in x64 WDM drivers
  ☆406Updated 2 weeks ago
• Demonslay335 / CryptoTester
  A utility for playing with cryptography, geared towards ransomware analysis.
  ☆310Updated 2 months ago
• SafeBreach-Labs / PoolParty
  A set of fully-undetectable process injection techniques abusing Windows Thread Pools
  ☆1,200Updated last year
• eversinc33 / Banshee
  Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.
  ☆567Updated 3 months ago
• cocomelonc / meow
  Cybersecurity research results. Simple C/C++ and Python implementations
  ☆278Updated this week
• Abyss-W4tcher / volatility3-symbols
  Collection of Linux and macOS Volatility3 Intermediate Symbol Files (ISF), suitable for memory analysis 🔍
  ☆231Updated 2 weeks ago
• magicsword-io / LOLDrivers
  Living Off The Land Drivers
  ☆1,314Updated last week
• Unprotect-Project / Unprotect_Submission
  Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…
  ☆198Updated last month
• m1-llie / MarauderMap-code
  [ICSE'24] An Empirical Study of Data Disruption by Ransomware Attacks
  ☆13Updated last year
• hasherezade / mal_unpack
  Dynamic unpacker based on PE-sieve
  ☆779Updated last month
• mandiant / xrefer
  FLARE Team's Binary Navigator
  ☆292Updated 3 weeks ago
• Faran-17 / Windows-Internals
  Important notes and topics on my journey towards mastering Windows Internals
  ☆412Updated last year
• frkngksl / Shoggoth
  Shoggoth: Asmjit Based Polymorphic Encryptor
  ☆755Updated last year
• fareedfauzi / Flare-On-Challenges
  This repository aims to compile all Flare-On challenge binaries and write-ups. Update: 2014 -2024.
  ☆360Updated 7 months ago
• mandiant / GoReSym
  Go symbol recovery tool
  ☆842Updated 3 months ago
• hasherezade / tiny_tracer
  A Pin Tool for tracing API calls etc
  ☆1,559Updated last week
• 0xflux / Sanctum
  Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antiv…
  ☆444Updated 3 weeks ago
• roadwy / DefenderYara
  Extracted Yara rules from Windows Defender mpavbase and mpasbase
  ☆468Updated 2 months ago
• ycdxsb / WindowsPrivilegeEscalation
  Collection of Windows Privilege Escalation (Analyse/PoC/Exploit)
  ☆460Updated 11 months ago
• dobin / RedEdr
  Collect Windows telemetry for Maldev
  ☆430Updated last week
• SentineLabs / AlphaGolang
  IDApython Scripts for Analyzing Golang Binaries
  ☆650Updated last year
• daem0nc0re / VectorKernel
  PoCs for Kernelmode rootkit techniques research.
  ☆418Updated this week
• gatariee / gocheck
  Because AV evasion should be easy.
  ☆826Updated 11 months ago
• kuciapakrystian / filmoteka-team-no-5-GoIT
  Filmoteka is a team project that finalizes JS course in GoIT academy
  ☆16Updated last year
• N0fix / rust-std-sigs
  ☆23Updated last year
• Xacone / BestEdrOfTheMarket
  EDR Lab for Experimentation Purposes
  ☆1,374Updated 2 weeks ago