Alternatives and similar repositories for Umbra:

Users that are interested in Umbra are comparing it to the libraries listed below

• redcode-labs / Solaris
  A local LKM rootkit loader/dropper that lists available security mechanisms
  ☆52Updated 3 years ago
• mav8557 / Father
  LD_PRELOAD rootkit
  ☆131Updated last year
• gwillgues / BPFDoor
  BPFDoor Source Code. Originally found from Chinese Threat Actor Red Menshen
  ☆43Updated 2 years ago
• sapph2c / bifrost
  A Flask-based HTTP(S) command and control (C2) with a web frontend. Malleable agent written in Go.
  ☆36Updated last year
• vvelitkn / Evasion-Escaper
  Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…
  ☆105Updated last month
• reveng007 / DareDevil
  Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10
  ☆38Updated 2 years ago
• Error996 / bdvl
  bdvl
  ☆113Updated 3 years ago
• compilepeace / EVIL_RABBIT
  -x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform.
  ☆27Updated 4 years ago
• JrM2628 / httpworker
  A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…
  ☆90Updated last year
• 0xvpr / Malicious-Software-Research
  A repository dedicated to researching, documenting, developing, and ultimately, defending against various strains of malicious software.
  ☆30Updated this week
• ZeroMemoryEx / Bypass-Sandbox-Evasion
  Bypass Malware Sandbox Evasion Ram check
  ☆137Updated 2 years ago
• jakuta-tech / GhostShell
  Malware indetectable, with AV bypass techniques, anti-disassembly, etc.
  ☆90Updated 4 years ago
• CodeXTF2 / PyHmmm
  Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …
  ☆80Updated last year
• OccamsXor / sim-ba
  (Sim)ulate (Ba)zar Loader
  ☆29Updated 4 years ago
• dobin / antnium
  A C2 framework for initial access in Go
  ☆177Updated 2 years ago
• daddycocoaman / dumpscan
  Finding secrets in kernel and user memory
  ☆115Updated last year
• RedTeamOperations / Journey-to-McAfee
  ☆112Updated 2 years ago
• ethereal-vx / Persistence
  Recreating and reviewing the Windows persistence methods
  ☆36Updated 3 years ago
• SpikySabra / Kernel-Cactus
  It's pointy and it hurts!
  ☆124Updated 2 years ago
• milabs / kopycat
  Linux Kernel module-less implant (backdoor)
  ☆72Updated 4 years ago
• h0mbre / Dali
  ☆67Updated last year
• b1tg / Ox-C2
  Command & Control server and agent written in Rust
  ☆36Updated 2 years ago
• dobin / avred-server
  The AMSI server for Avred
  ☆29Updated last year
• shogunlab / Mochi
  Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.
  ☆99Updated 3 years ago
• trustedsec / SliverKeylogger
  ☆157Updated last year
• wietze / windows-dll-env-hijacking
  Project for identifying executables and DLLs vulnerable to environment-variable based DLL hijacking.
  ☆57Updated 2 years ago
• Idov31 / rustomware
  Simple ransomware written in Rust. Part of the building a rustomware blog post.
  ☆32Updated last year
• knight0x07 / WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
  Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)
  ☆40Updated last year
• nullsection / Discord-DLL-Hijacking
  This is a simple example of DLL hijacking enabling proxy execution.
  ☆66Updated last year
• M507 / Restless
  A light C# implant that bypasses Windows Firewall and Defender
  ☆22Updated 3 years ago