Alternatives and similar repositories for SpyAI

Users that are interested in SpyAI are comparing it to the libraries listed below

• volticks / CVE-2025-21692-poc
  Proof of concept source code and misc files for my CVE-2025-21692 exploit, kernel version 6.6.75
  ☆37Updated last month
• x86byte / Stuxnet-Rootkit
  Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis
  ☆72Updated last year
• referefref / Rusty-Telephone
  Exfiltrate data over audio output from remote desktop sessions - Covert channel PoC
  ☆63Updated 11 months ago
• ProcessusT / EnumSSN
  Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…
  ☆21Updated last year
• LambdaMamba / LenaMalwareAnalysis
  Lena's scripts/code/resources for malware analysis
  ☆26Updated last year
• MatheuZSecurity / Imperius
  Make an Linux Kernel rootkit visible again.
  ☆59Updated 8 months ago
• FuzzySecurity / Magikarp
  ECC Public Key Cryptography
  ☆38Updated 2 years ago
• frkngksl / UnlinkDLL
  DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
  ☆57Updated last year
• shalomc / bhasia2025
  BlackHat Asia 2025 code and presentations
  ☆18Updated 6 months ago
• imperva / frida-jit-unpacker
  The Frida-Jit-unPacker aims at helping researchers and analysts understand the behavior of packed malicious .NET samples.
  ☆64Updated last year
• aaaddress1 / ntkrnlProtectScan
  One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel
  ☆43Updated 2 years ago
• EvilBytecode / PPID-Spoofing
  Parent Process ID Spoofing, coded in CGo.
  ☆23Updated 6 months ago
• 7eRoM / tutorials
  ☆16Updated 5 months ago
• CyberSecurityUP / AV-EDR-Evasion-Practical-Techniques-Course
  ☆47Updated 4 months ago
• gemini-security / GithubC2
  ☆28Updated last year
• coffeak / exploit-tracker
  This Python-based GUI application allows you to track the latest security vulnerabilities (CVEs) using the
  ☆39Updated 7 months ago
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆50Updated 5 months ago
• eversinc33 / TriageMCP
  Vibe Malware Triage - MCP server for static PE analysis.
  ☆71Updated 5 months ago
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆66Updated last year
• TraiLeR2 / CVE-2023-36168
  An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component
  ☆11Updated 2 years ago
• HulkOperator / AuthStager
  ☆58Updated last year
• iDigitalFlame / XrMT
  e(X)tensiable (Rust) Malware Toolkit: (Soon!) Full Featured Rust C2 Framework with Awesome Features!
  ☆25Updated last year
• MatheuZSecurity / UnhookingLinuxEdr
  Attacking the cleanup_module function of a kernel module
  ☆50Updated 4 months ago
• tehstoni / RustyKeys
  UAC Bypass using CMSTP in Rust
  ☆33Updated 10 months ago
• cocomelonc / hack-process-hacker2
  Proof of Concept example for abusing Process Hacker 2 (v2.39.124)
  ☆25Updated last year
• 0x11DFE / file-unpumper
  Tool that can be used to trim useless things from a PE file such as the things a file pumper would add.
  ☆28Updated 6 months ago
• Tomiwa-Ot / py-amsi
  Scan strings or files for malware using the Windows Antimalware Scan Interface
  ☆30Updated 2 years ago
• EvilBytecode / EByte-Ransomware
  Go ransomware leveraging ChaCha20 and ECIES encryption with a web-based control panel.
  ☆41Updated 6 months ago
• MatheuZSecurity / ElfDoor-gcc
  ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.
  ☆130Updated 6 months ago
• MatheuZSecurity / ModTracer
  ModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.
  ☆88Updated 8 months ago