Alternatives and similar repositories for volplugins:

Users that are interested in volplugins are comparing it to the libraries listed below

• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆62Updated 2 years ago
• AssuranceMaladieSec / FoxTerrier
  Python tool to find vulnerable AD object and generating csv report
  ☆26Updated 2 years ago
• Pascal-0x90 / sideloadr
  Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).
  ☆54Updated 2 years ago
• C0axx / Modified-Thycotic-Secret-Stealer
  Modified-Thycotic-Secret-Stealer for use with DPAPI and offline Decryption
  ☆18Updated 2 years ago
• olafhartong / PockETWatcher
  a tiny program to consume from ETW providers for research
  ☆46Updated last month
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆73Updated last year
• lkarlslund / hashmuncher
  Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later
  ☆91Updated last year
• nullsection / SharpETW-Patch
  ☆22Updated last year
• 0xThiebaut / PCAPeek
  A proof-of-concept re-assembler for reverse VNC traffic.
  ☆25Updated last year
• pgormanDS / hash_spider
  A module for CME that spiders across a domain.
  ☆35Updated 2 years ago
• jsecurity101 / LDAPMon
  ☆45Updated last year
• RomaissaAdjailia / Get-AppLockerEventlog
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆30Updated 2 years ago
• morRubin / NegoExRelay
  ☆85Updated 2 years ago
• codewhitesec / SysmonEnte
  ☆71Updated 2 years ago
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆86Updated 2 years ago
• outflanknl / Training-MSOfficeOffensiveTradecraft
  Info related to the Outflank training: Microsoft Office Offensive Tradecraft
  ☆51Updated 9 months ago
• xalicex / FoxTerrier
  Python tool to find vulnerable AD object and generating csv report
  ☆14Updated 2 years ago
• SafeBreach-Labs / MagicDot
  A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
  ☆96Updated 10 months ago
• CCob / PinSwipe
  Smart Card PIN swiping DLL
  ☆77Updated 4 years ago
• mlcsec / SharpGraphView
  Microsoft Graph API post-exploitation toolkit
  ☆93Updated 7 months ago
• pracsec / AmsiScanner
  A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.
  ☆58Updated last year
• tccontre / Reg-Restore-Persistence-Mole
  a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…
  ☆51Updated last year
• rkbennett / pybof
  Python module for running BOFs
  ☆69Updated last year
• Octoberfest7 / Presentations
  Slide decks and/or materials from conference presentations
  ☆55Updated 2 years ago
• RedSiege / What-The-F
  This repo hosts a poc of how to execute F# code within an unmanaged process
  ☆65Updated 8 months ago
• EspressoCake / Process_Protection_Level_BOF
  ☆56Updated 3 years ago
• deepinstinct / AMSI-Unchained
  Unchain AMSI by patching the provider’s unmonitored memory space
  ☆88Updated 2 years ago
• BlackSnufkin / CheckPlz
  Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.
  ☆13Updated 2 months ago
• 0xe7 / RoastInTheMiddle
  ☆72Updated last year
• RiccardoAncarani / talks
  ☆42Updated 2 years ago