Alternatives and similar repositories for TriageMCP

Users that are interested in TriageMCP are comparing it to the libraries listed below

• reecdeep / hollowise
  Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …
  ☆38Updated 7 months ago
• OtterHacker / Hooker
  ☆108Updated 11 months ago
• BlackSnufkin / CheckPlz
  Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.
  ☆23Updated 9 months ago
• mez-0 / citadel
  A Payload Analysis Framework
  ☆97Updated 3 months ago
• xaitax / NTSleuth
  Comprehensive Windows Syscall Extraction & Analysis Framework
  ☆129Updated last month
• rad9800 / talks
  ☆59Updated 5 months ago
• HullaBrian / COMmander
  .NET tool used to enrich RPC telemetry
  ☆100Updated 3 months ago
• itaymigdal / PowerDodder
  Persist like a Dodder
  ☆64Updated 4 months ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆52Updated 2 months ago
• sidaf / moonshine
  ☆69Updated last year
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆103Updated 6 months ago
• jaredcatkinson / MalwareMorphology
  ☆82Updated 10 months ago
• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆90Updated last year
• CroodSolutions / AutoRMM
  AutoRMM is a collection of scripts and instructions we are organizing, to test delivery mechanisms for RMM and screen sharing tools, alo…
  ☆87Updated 2 months ago
• d1rkmtrr / VSCode-Backdoor
  Backdooring VSCode Projects
  ☆79Updated 3 months ago
• xpn / mythic_mcp
  A simple POC to expose Mythic as a MCP server
  ☆69Updated 6 months ago
• ViperXSecurity / lib-nosa
  lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
  ☆114Updated last year
• ArtemBaranov / WindowsRootkitsGuide
  ☆70Updated 8 months ago
• CroodSolutions / BeaconatorC2
  BeaconatorC2 is a framework for red teaming and adversarial emulation, providing a full-featured management interface, along with a catal…
  ☆83Updated last month
• Workday / raw-disk-parser
  A tool to interact with Windows drivers to perform a raw disk read and parse out target files without calling standard Windows file APIs
  ☆81Updated last month
• whokilleddb / sinister-vsix
  Blog/Journal on how to backdoor VSCode extensions
  ☆74Updated 2 months ago
• t-tani / defender2yara
  Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules
  ☆124Updated this week
• hasherezade / flareon2024
  ☆38Updated 9 months ago
• 0xNinjaCyclone / AsmLdr
  Dynamic shellcode loader with sophisticated evasion capabilities
  ☆80Updated this week
• MazX0p / CobaltSentry
  ☆24Updated 7 months ago
• dis0rder0x00 / obex
  Obex – Blocking unwanted DLLs in user mode
  ☆123Updated 2 weeks ago
• pulpocaminante / PPL-0day
  Demoting PPL anti-malware services to less than a guest user
  ☆63Updated 8 months ago
• amjcyber / EDRNoiseMaker
  Detect WFP filters blocking EDR communications
  ☆93Updated last year
• LambdaMamba / LenaMalwareAnalysis
  Lena's scripts/code/resources for malware analysis
  ☆26Updated last year
• 20urc3 / Aplos
  Aplos an extremely simple fuzzer for Windows binaries.
  ☆68Updated 7 months ago