Alternatives and similar repositories for Umbra:

Users that are interested in Umbra are comparing it to the libraries listed below

• mav8557 / Father
  LD_PRELOAD rootkit
  ☆131Updated last year
• redcode-labs / Solaris
  A local LKM rootkit loader/dropper that lists available security mechanisms
  ☆52Updated 3 years ago
• JrM2628 / httpworker
  A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…
  ☆90Updated last year
• gwillgues / BPFDoor
  BPFDoor Source Code. Originally found from Chinese Threat Actor Red Menshen
  ☆44Updated 2 years ago
• jakuta-tech / GhostShell
  Malware indetectable, with AV bypass techniques, anti-disassembly, etc.
  ☆91Updated 4 years ago
• cyberark / malware-research
  ☆36Updated last month
• PL-V / Firefox-Grabber
  Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users
  ☆42Updated 2 years ago
• sapph2c / bifrost
  A Flask-based HTTP(S) command and control (C2) with a web frontend. Malleable agent written in Go.
  ☆36Updated last year
• Cerbersec / notes
  Resources and articles I need to take a look at. Mostly about malware/exploit development and analysis.
  ☆82Updated 3 years ago
• h0mbre / Dali
  ☆67Updated last year
• reveng007 / DareDevil
  Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10
  ☆38Updated 2 years ago
• compilepeace / EVIL_RABBIT
  -x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform.
  ☆27Updated 4 years ago
• nullsection / Discord-DLL-Hijacking
  This is a simple example of DLL hijacking enabling proxy execution.
  ☆66Updated last year
• NUL0x4C / GP
  using the gpu to hide your payload
  ☆56Updated 2 years ago
• ZeroMemoryEx / SleepKiller
  Bypass Malware Time Delays
  ☆100Updated 2 years ago
• vvelitkn / Evasion-Escaper
  Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…
  ☆105Updated last month
• NUL0x4C / DeleteShadowCopies
  Deleting Shadow Copies In Pure C++
  ☆114Updated 2 years ago
• reevesrs24 / EvasiveProcessHollowing
  Evasive Process Hollowing Techniques
  ☆137Updated 4 years ago
• 0xvpr / Malicious-Software-Research
  A repository dedicated to researching, documenting, developing, and ultimately, defending against various strains of malicious software.
  ☆30Updated last week
• CodeXTF2 / PyHmmm
  Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …
  ☆80Updated last year
• ZeroMemoryEx / Bypass-Sandbox-Evasion
  Bypass Malware Sandbox Evasion Ram check
  ☆137Updated 2 years ago
• SpikySabra / Kernel-Cactus
  It's pointy and it hurts!
  ☆124Updated 2 years ago
• jakabakos / CVE-2023-36884-MS-Office-HTML-RCE
  MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit
  ☆39Updated last year
• knight0x07 / WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
  Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)
  ☆40Updated last year
• zerosum0x0-archive / archive
  ☆54Updated 3 years ago
• ZeroMemoryEx / Tokenizer
  Kernel Mode Driver for Elevating Process Privileges
  ☆133Updated 2 years ago
• scrt / avdebugger
  ☆95Updated 3 years ago
• OccamsXor / sim-ba
  (Sim)ulate (Ba)zar Loader
  ☆29Updated 4 years ago
• dobin / antnium
  A C2 framework for initial access in Go
  ☆177Updated 2 years ago
• RedTeamOperations / Journey-to-McAfee
  ☆112Updated 2 years ago