Alternatives and similar repositories for SpyAI:

Users that are interested in SpyAI are comparing it to the libraries listed below

• badhive / alca
  Rule Engine for Dynamic Malware Analysis and Research
  ☆23Updated last week
• rad9800 / RansomFS
  ☆29Updated last month
• LambdaMamba / LenaMalwareAnalysis
  Lena's scripts/code/resources for malware analysis
  ☆26Updated 10 months ago
• Slowerzs / KeyJumper
  ☆42Updated 3 weeks ago
• wetw0rk / wetw0rk.github.io
  ☆18Updated last month
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆55Updated 8 months ago
• rbmm / Services
  ☆18Updated 3 months ago
• CyberSecurityUP / Offensive-Windows-Drivers-Development
  ☆39Updated last month
• 0x11DFE / file-unpumper
  Tool that can be used to trim useless things from a PE file such as the things a file pumper would add.
  ☆26Updated 3 weeks ago
• rad9800 / talks
  ☆35Updated last month
• frkngksl / UnlinkDLL
  DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
  ☆57Updated last year
• RWXstoned / GimmeShelter
  Situational Awareness script to identify how and where to run implants
  ☆50Updated 4 months ago
• reecdeep / hollowise
  Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …
  ☆36Updated 2 months ago
• imperva / frida-jit-unpacker
  The Frida-Jit-unPacker aims at helping researchers and analysts understand the behavior of packed malicious .NET samples.
  ☆57Updated last year
• aaaddress1 / ntkrnlProtectScan
  One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel
  ☆43Updated last year
• iDigitalFlame / XrMT
  e(X)tensiable (Rust) Malware Toolkit: (Soon!) Full Featured Rust C2 Framework with Awesome Features!
  ☆24Updated 8 months ago
• 0x4141414141 / Malware-Devlopment
  Work in progress experiments with reverse shells, AV bypass and extraction of secrets from memory in C
  ☆39Updated 5 years ago
• CyberSecurityUP / ProcessKiller-BYOVD
  BYOVD Technique Example using viragt64 driver
  ☆38Updated 9 months ago
• mannyfred / MentalTi
  Mentally ill EtwTi parser
  ☆36Updated 3 weeks ago
• brosck / L1LKiller
  「⚠️」Performing a BYOVD on the truesight.sys driver
  ☆34Updated 4 months ago
• CaptainNox / Hypnos
  A more reliable way of resolving syscall numbers in Windows
  ☆49Updated last year
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆27Updated last year
• 7eRoM / tutorials
  ☆16Updated 2 months ago
• ProcessusT / EnumSSN
  Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…
  ☆20Updated last year
• HulkOperator / AuthStager
  ☆54Updated 6 months ago
• Slowerzs / CryptDecryptMemory
  ☆30Updated 4 months ago
• 0xTriboulet / Abomination
  A synergized Visual Studio and Rust development environment
  ☆18Updated 3 months ago
• AnastasiKro / ALPChecker
  ALPChecker - a tool to detect spoofing and blinding attacks on the ALPC interaction
  ☆13Updated 2 years ago
• EvilBytecode / PPID-Spoofing
  Parent Process ID Spoofing, coded in CGo.
  ☆22Updated 9 months ago
• zzhsec / NlsCodeInjectionThroughRegistry
  Dll injection through code page id modification in registry. Based on jonas lykk research
  ☆17Updated 2 years ago