Alternatives and similar repositories for x-ray-tls

Users that are interested in x-ray-tls are comparing it to the libraries listed below

• NorthwaveSecurity / lilo-pulse-secure-decrypt
  LILO based Pulse Secure appliance disk image decryptor
  ☆13Updated last year
• V3ded / Blog-Lab
  Source files for my posts
  ☆17Updated 2 years ago
• hongson11698 / defender-database-extract
  defender_database
  ☆18Updated last year
• elastic / siglearn
  Code for BH21 talk: "Generating YARA Rules by Classifying Malicious Byte Sequences"
  ☆17Updated 4 months ago
• adava / CnCHunter
  This project fully automates the process of analyzing and exploiting IoT malware to find live CnC servers.
  ☆42Updated 11 months ago
• WithSecureLabs / dotnet-gargoyle
  A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique
  ☆52Updated 6 years ago
• eurecom-s3 / loaders_modeling
  ☆25Updated 2 years ago
• zimnyaa / LEOPARDSEAL
  A simple Linux in-memory .so loader
  ☆30Updated 2 years ago
• trailofbits / WinDbg-JS
  ☆25Updated last year
• zom3y3 / ssdc
  ssdeep cluster analysis for malware files
  ☆31Updated 5 years ago
• AsuNa-jp / HotkeybasedKeyloggerDetector
  ☆18Updated 4 months ago
• c3rb3ru5d3d53c / karton-unpacker
  A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework.
  ☆58Updated 4 years ago
• splunk / PPLinject
  Inject unsigned DLL into Protected Process Light (PPL)
  ☆25Updated last month
• williamknows / CodeCoverageModuleStomping
  ☆12Updated 5 years ago
• SIFalcon / Detection
  ☆22Updated last year
• 7eRoM / elam
  A Practical example of ELAM (Early Launch Anti-Malware)
  ☆34Updated 3 years ago
• ig-labs / defender-mpengine-fuzzing
  Fuzzing Harness and Unpatched Crash Results from Fuzzing Defender MpEngine
  ☆26Updated last month
• PwCUK-CTO / iis-helper-plugin
  IDA Pro plugin to aid with the analysis of native IIS modules
  ☆18Updated 10 months ago
• 0mWindyBug / RansomGuard
  anti-ransomware file-system filter
  ☆59Updated 9 months ago
• EvanMcBroom / fuse-loader
  Load a dynamic library from memory using a fuse mount
  ☆31Updated last year
• magisterquis / alpt4ats
  A Lazy Programmer's Tips for Avoiding the SOC ~ BSides Belfast 2024
  ☆16Updated 9 months ago
• riesha / drv-vuln-scanner
  Finds imports that could be exploited, still requires manual analysis.
  ☆27Updated 2 years ago
• yo-yo-yo-jbo / virtual_memory_known_dlls
  ☆19Updated 2 years ago
• decoder-it / CreateTokenExample
  ☆17Updated 5 years ago
• ksen-lin / nitara2
  yet another hidden LKM hunter
  ☆24Updated last year
• roadwy / SIGNATURE_TYPE_LUASTANDALONE
  Extracted lua script from Defender mpavbase.vdm and mpasbase.vdm
  ☆14Updated 11 months ago
• pathtofile / SimpleAmsiProvider
  A simple provider to analyse what gets passed into Microsoft's Anti-Malware Scan Interface
  ☆16Updated 5 years ago
• 0xcpu / winsmsd
  Windows (ShadowMove) Socket Duplication
  ☆83Updated 5 years ago
• RITRedteam / nosferatu
  Windows NTLM Authentication Backdoor
  ☆17Updated 3 years ago
• latortuga71 / DisablePPLDriverPoc
  Disable PPL via custom driver and dump lsass
  ☆15Updated 4 years ago