dodo-sec/Malware-Analysis

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/dodo-sec/Malware-Analysis)

dodo-sec / Malware-Analysis

☆138

Alternatives and similar repositories for Malware-Analysis

Users that are interested in Malware-Analysis are comparing it to the libraries listed below

Sorting:

g-les / 100DaysofYARA
View on GitHub
100 Days of YARA to be updated with rules & ideas as the year progresses
☆60Jan 18, 2023Updated 3 years ago
Sam0x90 / CTI
View on GitHub
Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
☆83Apr 27, 2024Updated last year
sandmaxprime / VagrantMalwareWin10VM
View on GitHub
Vagrant Files to create a Virtualbox VM for Malware Analysis
☆13Jun 1, 2021Updated 4 years ago
susMdT / fictional-invention
View on GitHub
idk man this was the default github name
☆35Apr 23, 2023Updated 2 years ago
OtterHacker / Conferences
View on GitHub
☆335Sep 21, 2025Updated 6 months ago
jsecu / BOF-pack-1
View on GitHub
A care package of useful bofs for red team engagments
☆53Dec 6, 2024Updated last year
FuzzySecurity / BHUSA-2023
View on GitHub
☆105Jul 11, 2024Updated last year
0xTriboulet / Revenant
View on GitHub
Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
☆387Jul 30, 2024Updated last year
n1ght-w0lf / MalwareAnalysis
View on GitHub
My malware analysis code snippets
☆28Jul 15, 2023Updated 2 years ago
Signal-Labs / iat_unhook_sample
View on GitHub
(First Public?) Sample of unhooking ntdll (All Exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls…
☆138Mar 3, 2025Updated last year
hackerhouse-opensource / CompMgmtLauncher_DLL_UACBypass
View on GitHub
CompMgmtLauncher & Sharepoint DLL Search Order hijacking UAC/persist via OneDrive
☆111Feb 2, 2026Updated last month
thefLink / Hunt-Sleeping-Beacons
View on GitHub
Aims to identify sleeping beacons
☆663Jan 25, 2026Updated last month
WesleyWong420 / RedTeamOps-Havoc-101
View on GitHub
Materials for the workshop "Red Team Ops: Havoc 101"
☆394Oct 6, 2024Updated last year
outflanknl / C2-Tool-Collection
View on GitHub
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…
☆1,374Oct 27, 2023Updated 2 years ago
mertdas / SharpLateral
View on GitHub
Lateral Movement
☆126Nov 14, 2023Updated 2 years ago
kyleavery / pendulum
View on GitHub
Linux Sleep Obfuscation
☆112Jan 7, 2024Updated 2 years ago
thefLink / Hunt-Weird-ImageLoads
View on GitHub
Small tool to play with IOCs caused by Imageload events
☆44May 14, 2023Updated 2 years ago
xforcered / DayBird
View on GitHub
Extension functionality for the NightHawk operator client
☆26Oct 31, 2023Updated 2 years ago
yo-yo-yo-jbo / injection_and_hooking_intro
View on GitHub
☆38Apr 7, 2023Updated 2 years ago
ZeroMemoryEx / C2-Hunter
View on GitHub
Extract C2 Traffic
☆254Nov 25, 2024Updated last year
pathtofile / SealighterTI
View on GitHub
Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider
☆198Dec 6, 2022Updated 3 years ago
Pascal-0x90 / sideloadr
View on GitHub
Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).
☆57Oct 10, 2022Updated 3 years ago
PaulNorman01 / Forensia
View on GitHub
Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.
☆785Jun 23, 2023Updated 2 years ago
OtterHacker / Cerbere
View on GitHub
☆48Feb 11, 2023Updated 3 years ago
LloydLabs / shellcode-plain-sight
View on GitHub
Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak
☆211Nov 12, 2025Updated 4 months ago
attl4s / freeMetsrvLoader
View on GitHub
freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package
☆35Mar 28, 2023Updated 2 years ago
georgi-i / winevt_logs_analysis
View on GitHub
Searching .evtx logs for remote connections
☆24Jul 6, 2023Updated 2 years ago
janoglezcampos / DeathSleep
View on GitHub
A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…
☆535Aug 1, 2022Updated 3 years ago
Idov31 / Jormungandr
View on GitHub
Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
☆244Sep 26, 2023Updated 2 years ago
StrangerealIntel / Orion
View on GitHub
A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...
☆141Nov 19, 2023Updated 2 years ago
n0kovo / awesome-wordlists
View on GitHub
A curated list wordlists for bruteforcing and fuzzing
☆85Apr 3, 2023Updated 2 years ago
Macmod / malkom
View on GitHub
Malkom is an extensible and simple similarity graph generator for malware analysis aimed at helping analysts visualize and cluster sets o…
☆17Apr 6, 2023Updated 2 years ago
chvancooten / maldev-for-dummies
View on GitHub
A workshop about Malware Development
☆1,771Jun 2, 2023Updated 2 years ago
phackt / wptsextensions.dll
View on GitHub
WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.
☆56Jun 30, 2021Updated 4 years ago
daem0nc0re / TangledWinExec
View on GitHub
PoCs and tools for investigation of Windows process execution techniques
☆954Feb 2, 2026Updated last month
puzzlepeaches / NTLMRecon
View on GitHub
Enumerate information from NTLM authentication enabled web endpoints 🔎
☆34Aug 16, 2023Updated 2 years ago
matthw / malware_analysis
View on GitHub
☆18Mar 26, 2024Updated last year
last-byte / PersistenceSniper
View on GitHub
Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows…
☆2,077Dec 11, 2024Updated last year
Maldev-Academy / HellHall
View on GitHub
Performing Indirect Clean Syscalls
☆605Apr 19, 2023Updated 2 years ago