Alternatives and similar repositories for Umbra

Users that are interested in Umbra are comparing it to the libraries listed below

• redcode-labs / Solaris
  A local LKM rootkit loader/dropper that lists available security mechanisms
  ☆52Updated 4 years ago
• mav8557 / Father
  LD_PRELOAD rootkit
  ☆137Updated last year
• zerosum0x0-archive / archive
  ☆57Updated 4 years ago
• jakuta-tech / GhostShell
  Malware indetectable, with AV bypass techniques, anti-disassembly, etc.
  ☆109Updated 5 years ago
• vulnwarex / bin2sc
  Binary to shellcode from an object/executable format 32 & 64-bit PE , ELF
  ☆74Updated 4 years ago
• thesp0nge / shellerate
  A shellcode generator with encryption, encoding and polymorphism facilities built-in
  ☆34Updated 3 years ago
• d4rk007 / sak1to-shell
  Multi-threaded, multi-os/platform (Linux/Windows) c2 server and Windows reverse TCP shell client both written in C.
  ☆121Updated 3 years ago
• klecko / Rootkit
  Let's try to create a rootkit!
  ☆19Updated 5 years ago
• OccamsXor / sim-ba
  (Sim)ulate (Ba)zar Loader
  ☆29Updated 5 years ago
• CPunch / Laika
  Cross-platform RAT, written in C
  ☆88Updated 3 years ago
• cyberark / malware-research
  ☆37Updated 10 months ago
• Error996 / bdvl
  bdvl
  ☆115Updated 3 years ago
• Cerbersec / notes
  Resources and articles I need to take a look at. Mostly about malware/exploit development and analysis.
  ☆86Updated 3 years ago
• PL-V / Firefox-Grabber
  Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users
  ☆42Updated 3 years ago
• itm4n / Pentest-Windows
  Windows internals and exploitation tricks
  ☆112Updated 2 months ago
• sapph2c / bifrost
  A Flask-based HTTP(S) command and control (C2) with a web frontend. Malleable agent written in Go.
  ☆36Updated 2 years ago
• Idov31 / rustomware
  Simple ransomware written in Rust. Part of the building a rustomware blog post.
  ☆34Updated 2 years ago
• elfmaster / linker_preloading_virus
  An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses
  ☆66Updated 3 years ago
• nullsection / Discord-DLL-Hijacking
  This is a simple example of DLL hijacking enabling proxy execution.
  ☆68Updated 2 years ago
• marcusbotacin / Dropper
  Embed an executable as a PE resource, drops and launches it in runtime.
  ☆64Updated 4 years ago
• MatheuZSecurity / UnhookingLinuxEdr
  Attacking the cleanup_module function of a kernel module
  ☆54Updated 6 months ago
• jakabakos / CVE-2023-36884-MS-Office-HTML-RCE
  MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit
  ☆41Updated 2 years ago
• OsandaMalith / PE2HTML
  Injects HTML/PHP/ASP to the PE
  ☆104Updated 5 years ago
• knight0x07 / WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
  Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)
  ☆40Updated 2 years ago
• compilepeace / EVIL_RABBIT
  -x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform.
  ☆27Updated 5 years ago
• 0vercl0k / paracosme
  Paracosme is a zero-click remote memory corruption exploit that compromises ICONICS Genesis64 which was demonstrated successfully on stag…
  ☆89Updated 2 years ago
• daddycocoaman / dumpscan
  Finding secrets in kernel and user memory
  ☆116Updated 2 years ago
• RITRedteam / goofkit
  In line function hooking LKM rootkit
  ☆52Updated 5 years ago
• itm4n / CVEs
  Random CVEs
  ☆34Updated 8 months ago
• milabs / kopycat
  Linux Kernel module-less implant (backdoor)
  ☆74Updated 4 years ago