Alternatives and similar repositories for Silhouette

Users that are interested in Silhouette are comparing it to the libraries listed below

• olafhartong / PockETWatcher
  a tiny program to consume from ETW providers for research
  ☆52Updated 9 months ago
• sidaf / moonshine
  ☆69Updated last year
• naksyn / talks
  Repo containing my public talks
  ☆23Updated 2 years ago
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆79Updated last year
• captainGeech42 / implant.js
  Proof-of-concept modular implant platform leveraging v8
  ☆56Updated 7 months ago
• mttaggart / quasar
  quASAR: ASAR manipulation made easy
  ☆38Updated 3 years ago
• ACE-Responder / ace-proctree
  Create a cool process tree like https://twitter.com/ACEResponder.
  ☆35Updated 2 years ago
• matterpreter / FindETWProviderImage
  Quickly search for references to a GUID in DLLs, EXEs, and drivers
  ☆75Updated 3 years ago
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆41Updated last year
• DISREL / Conti-Leaked-Playbook-TTPs
  MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
  ☆39Updated 3 years ago
• nullsection / SharpETW-Patch
  ☆23Updated last year
• CyberSecurityUP / SyscallHookDetector
  ☆18Updated last year
• jonny-jhnson / PowerParse
  PowerShell PE Parser
  ☆64Updated last year
• ashemery / REDM
  Reverse Engineering and Debugging Malware
  ☆32Updated 2 years ago
• magicsword-io / bootloaders
  bootloaders.io is a curated list of known malicious bootloaders for various operating systems. The project aims to assist security profes…
  ☆67Updated 2 years ago
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆96Updated 3 years ago
• jborean93 / dpapi-ng
  Python DPAPI NG Decryptor for non-Windows Platforms
  ☆63Updated 9 months ago
• 0xThiebaut / Signatures
  🚧 Currently transfering TLP:CLEAR rules from TLP:AMBER repository...
  ☆21Updated last year
• d3adzo / mesa
  Command and Control that uses NTP as the transport protocol.
  ☆21Updated 3 years ago
• 0xTriboulet / ZeroTotal
  A collection of source code, binaries, and compilation scripts designed to bypass detection
  ☆25Updated 2 years ago
• codewhitesec / SysmonEnte
  ☆74Updated 2 years ago
• mbrg / defcon30
  DEFCON30 Talk Material, References and Extra Bits
  ☆39Updated 2 years ago
• NextronSystems / gimphash
  Imphash-like calculation on Golang binaries
  ☆49Updated 3 years ago
• mattifestation / AntimalwareBlight
  Execute PowerShell code at the antimalware-light protection level.
  ☆141Updated 2 years ago
• BlackSnufkin / CheckPlz
  Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.
  ☆23Updated 9 months ago
• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆90Updated last year
• jonny-jhnson / LDAPMon
  ☆45Updated last year
• Pascal-0x90 / sideloadr
  Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).
  ☆57Updated 3 years ago
• airbus-cert / minusone
  Powershell Linter
  ☆83Updated last week
• embee-research / Icedid-file-decryptor
  Static Decryptor for IcedID Malware
  ☆18Updated 3 years ago