Alternatives and similar repositories for SpyAI

Users that are interested in SpyAI are comparing it to the libraries listed below

• rad9800 / talks
  ☆55Updated last month
• badhive / alca
  Rule Engine for Dynamic Malware Analysis and Research
  ☆23Updated last month
• rad9800 / RansomFS
  ☆31Updated 3 months ago
• wetw0rk / wetw0rk.github.io
  ☆18Updated 2 weeks ago
• rbmm / TL-TASK
  ☆18Updated last week
• nafiez / DataBlockNTLMLeak
  Windows Shell Link (LNK) Proof of Concept
  ☆14Updated this week
• CyberSecurityUP / ProcessKiller-BYOVD
  BYOVD Technique Example using viragt64 driver
  ☆40Updated 10 months ago
• HulkOperator / AuthStager
  ☆55Updated 7 months ago
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆60Updated 10 months ago
• LambdaMamba / LenaMalwareAnalysis
  Lena's scripts/code/resources for malware analysis
  ☆27Updated 11 months ago
• 7eRoM / tutorials
  ☆16Updated last month
• frkngksl / UnlinkDLL
  DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
  ☆57Updated last year
• imperva / frida-jit-unpacker
  The Frida-Jit-unPacker aims at helping researchers and analysts understand the behavior of packed malicious .NET samples.
  ☆63Updated last year
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆53Updated 4 months ago
• aaaddress1 / ntkrnlProtectScan
  One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel
  ☆43Updated last year
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆43Updated 3 weeks ago
• Teach2Breach / hollow_rs
  A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.
  ☆29Updated 4 months ago
• 0xTriboulet / T-70
  A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system
  ☆39Updated 7 months ago
• xelemental / Mal-LNK-Generator
  ☆34Updated 2 months ago
• eversinc33 / TriageMCP
  Vibe Malware Triage - MCP server for static PE analysis.
  ☆53Updated 2 weeks ago
• winsecurity / AMSI-Bypass-HWBP
  ☆22Updated 2 months ago
• MatheuZSecurity / Imperius
  Make an Linux Kernel rootkit visible again.
  ☆52Updated 3 months ago
• Whitecat18 / earlycascade-injection
  Early cascade injection PoC based on Outflanks blog post written in Rust
  ☆54Updated 4 months ago
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆74Updated 5 months ago
• RWXstoned / GimmeShelter
  Situational Awareness script to identify how and where to run implants
  ☆50Updated 6 months ago
• cbwang505 / FilesystemEoPDesktopSystemShell
  Folder Or File Delete to Get System Shell on Current Session Desktop
  ☆39Updated 4 months ago
• zzhsec / NlsCodeInjectionThroughRegistry
  Dll injection through code page id modification in registry. Based on jonas lykk research
  ☆17Updated 2 years ago
• reecdeep / hollowise
  Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …
  ☆36Updated 3 months ago
• Slowerzs / CryptDecryptMemory
  ☆30Updated 6 months ago
• woldann / NThread
  Stealthy x64 thread manipulation library for calling functions inside target processes without creating remote threads or installing hook…
  ☆43Updated last week