Alternatives and similar repositories for Umbra

Users that are interested in Umbra are comparing it to the libraries listed below

• redcode-labs / Solaris
  A local LKM rootkit loader/dropper that lists available security mechanisms
  ☆52Updated 3 years ago
• Error996 / bdvl
  bdvl
  ☆113Updated 3 years ago
• jakuta-tech / GhostShell
  Malware indetectable, with AV bypass techniques, anti-disassembly, etc.
  ☆97Updated 5 years ago
• compilepeace / EVIL_RABBIT
  -x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform.
  ☆27Updated 4 years ago
• mav8557 / Father
  LD_PRELOAD rootkit
  ☆131Updated last year
• MatheuZSecurity / UnhookingLinuxEdr
  Attacking the cleanup_module function of a kernel module
  ☆33Updated last month
• zerosum0x0-archive / archive
  ☆55Updated 3 years ago
• milabs / kopycat
  Linux Kernel module-less implant (backdoor)
  ☆72Updated 4 years ago
• uf0o / rootkit-arsenal-guacamole
  An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples
  ☆70Updated 3 years ago
• sapph2c / bifrost
  A Flask-based HTTP(S) command and control (C2) with a web frontend. Malleable agent written in Go.
  ☆36Updated last year
• PL-V / Firefox-Grabber
  Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users
  ☆42Updated 2 years ago
• ZeroMemoryEx / Bypass-Sandbox-Evasion
  Bypass Malware Sandbox Evasion Ram check
  ☆137Updated 2 years ago
• JrM2628 / httpworker
  A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…
  ☆90Updated last year
• vulnwarex / bin2sc
  Binary to shellcode from an object/executable format 32 & 64-bit PE , ELF
  ☆73Updated 4 years ago
• waldo-irc / MalMemDetect
  Detect strange memory regions and DLLs
  ☆183Updated 3 years ago
• VoidSec / Exploit-Development
  Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
  ☆222Updated last year
• 0vercl0k / paracosme
  Paracosme is a zero-click remote memory corruption exploit that compromises ICONICS Genesis64 which was demonstrated successfully on stag…
  ☆88Updated last year
• nullsection / Discord-DLL-Hijacking
  This is a simple example of DLL hijacking enabling proxy execution.
  ☆66Updated 2 years ago
• R3x / linux-rootkits
  A collection of Linux kernel rootkits found across the internet taken and put together
  ☆73Updated 2 years ago
• vvelitkn / Evasion-Escaper
  Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…
  ☆106Updated 3 months ago
• klecko / Rootkit
  Let's try to create a rootkit!
  ☆20Updated 5 years ago
• sailay1996 / cve-2022-21882-poc
  lpe poc for cve-2022-21882
  ☆49Updated 3 years ago
• frank2 / blenny
  A payload delivery system which embeds payloads in an executable's icon file!
  ☆74Updated last year
• h0mbre / Dali
  ☆67Updated last year
• elfmaster / linker_preloading_virus
  An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses
  ☆64Updated 3 years ago
• daddycocoaman / dumpscan
  Finding secrets in kernel and user memory
  ☆115Updated last year
• 0xpat / COFFInjector
  PoC MSVC COFF Object file loader/injector.
  ☆177Updated 4 years ago
• FlamingSpork / iptable_evil
  An evil bit backdoor for iptables
  ☆52Updated 4 years ago
• 0xvpr / Malicious-Software-Research
  A repository dedicated to researching, documenting, developing, and ultimately, defending against various strains of malicious software.
  ☆33Updated last month
• NUL0x4C / DeleteShadowCopies
  Deleting Shadow Copies In Pure C++
  ☆114Updated 2 years ago