Alternatives and similar repositories for SpyAI

Users that are interested in SpyAI are comparing it to the libraries listed below

• x86byte / Stuxnet-Rootkit
  Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis
  ☆65Updated 11 months ago
• coffeak / exploit-tracker
  This Python-based GUI application allows you to track the latest security vulnerabilities (CVEs) using the
  ☆39Updated 5 months ago
• CyberSecurityUP / AV-EDR-Evasion-Practical-Techniques-Course
  ☆46Updated 2 months ago
• aaaddress1 / ntkrnlProtectScan
  One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel
  ☆43Updated last year
• imperva / frida-jit-unpacker
  The Frida-Jit-unPacker aims at helping researchers and analysts understand the behavior of packed malicious .NET samples.
  ☆64Updated last year
• LambdaMamba / LenaMalwareAnalysis
  Lena's scripts/code/resources for malware analysis
  ☆26Updated last year
• MatheuZSecurity / Imperius
  Make an Linux Kernel rootkit visible again.
  ☆55Updated 6 months ago
• 0x11DFE / file-unpumper
  Tool that can be used to trim useless things from a PE file such as the things a file pumper would add.
  ☆27Updated 4 months ago
• aymenbrahimdjelloul / MalwareScan
  MalwareScan is a lightweight and fast malware scanner written in Python. It supports both Windows and Linux platforms and provides an ope…
  ☆13Updated 2 months ago
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆49Updated 3 months ago
• 7eRoM / tutorials
  ☆16Updated 3 months ago
• EvilBytecode / EByte-Ransomware
  Go ransomware leveraging ChaCha20 and ECIES encryption with a web-based control panel.
  ☆39Updated 4 months ago
• FuzzySecurity / Magikarp
  ECC Public Key Cryptography
  ☆39Updated last year
• EvilBytecode / PPID-Spoofing
  Parent Process ID Spoofing, coded in CGo.
  ☆23Updated 4 months ago
• hackerhouse-opensource / AESCrypt
  AES-256 Microsoft Cryptography API Example Use.
  ☆31Updated last year
• referefref / Rusty-Telephone
  Exfiltrate data over audio output from remote desktop sessions - Covert channel PoC
  ☆62Updated 8 months ago
• nyxgeek / dirdevil
  hiding in plain sight: part 2
  ☆45Updated last year
• CyberSecurityUP / ProcessKiller-BYOVD
  BYOVD Technique Example using viragt64 driver
  ☆49Updated last year
• Tomiwa-Ot / py-amsi
  Scan strings or files for malware using the Windows Antimalware Scan Interface
  ☆30Updated 2 years ago
• ProcessusT / EnumSSN
  Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…
  ☆21Updated last year
• actuator / DEFCON-33
  Hacking Hotspots: Pre-Auth Remote Code Execution, Arbitrary SMS & Adjacent Attacks on 5G & 4G LTE Routers
  ☆73Updated last week
• brosck / Rebellion
  「⚔️」Ring 0 Rootkit for Linux Kernels x86/x86_64 5.x/6.x
  ☆25Updated 4 months ago
• eversinc33 / TriageMCP
  Vibe Malware Triage - MCP server for static PE analysis.
  ☆68Updated 3 months ago
• shalomc / bhasia2025
  BlackHat Asia 2025 code and presentations
  ☆18Updated 4 months ago
• knight0x07 / DarkGate-Install-Script-via-DNS-TXT-Record
  PoC showcasing new DarkGate Install Script retrieval technique via DNS TXT Record
  ☆42Updated last year
• tehstoni / RustyKeys
  UAC Bypass using CMSTP in Rust
  ☆30Updated 8 months ago
• Malwation / Chiron-Unpacker
  Chiron Unpacker, developed by the Malwation MTR Team, is an Unpacker for Packers using the Assembly.Load function.
  ☆21Updated 10 months ago
• MatheuZSecurity / ModTracer
  ModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.
  ☆85Updated 6 months ago
• woldann / NThread
  Stealthy x64 thread manipulation library for calling functions inside target processes without creating remote threads or installing hook…
  ☆55Updated last week
• SaadAhla / IP-Hunter
  Hunt for C2 servers and phishing web sites using VirusTotal API , you can modify code to kill the malicious process
  ☆70Updated last year