Alternatives and similar repositories for Umbra

Users that are interested in Umbra are comparing it to the libraries listed below

• mav8557 / Father
  LD_PRELOAD rootkit
  ☆132Updated last year
• redcode-labs / Solaris
  A local LKM rootkit loader/dropper that lists available security mechanisms
  ☆52Updated 3 years ago
• Error996 / bdvl
  bdvl
  ☆113Updated 3 years ago
• MatheuZSecurity / UnhookingLinuxEdr
  Attacking the cleanup_module function of a kernel module
  ☆36Updated 2 months ago
• daddycocoaman / dumpscan
  Finding secrets in kernel and user memory
  ☆116Updated last year
• ZeroMemoryEx / Bypass-Sandbox-Evasion
  Bypass Malware Sandbox Evasion Ram check
  ☆137Updated 2 years ago
• compilepeace / EVIL_RABBIT
  -x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform.
  ☆27Updated 4 years ago
• jakuta-tech / GhostShell
  Malware indetectable, with AV bypass techniques, anti-disassembly, etc.
  ☆97Updated 5 years ago
• RedTeamOperations / Journey-to-McAfee
  ☆113Updated 3 years ago
• JohnWoodman / stealthInjector
  Injects shellcode into remote processes using direct syscalls
  ☆78Updated 4 years ago
• 0xvpr / Malicious-Software-Research
  A repository dedicated to researching, documenting, developing, and ultimately, defending against various strains of malicious software.
  ☆33Updated 2 months ago
• JrM2628 / httpworker
  A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…
  ☆90Updated last year
• h0mbre / Dali
  ☆67Updated 2 years ago
• thesp0nge / shellerate
  A shellcode generator with encryption, encoding and polymorphism facilities built-in
  ☆33Updated 3 years ago
• trickster0 / EDR_Detector
  EDR Detector that can find what kind of endpoint solution is being used according to drivers in the system.
  ☆94Updated 3 years ago
• vvelitkn / Evasion-Escaper
  Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…
  ☆106Updated 3 months ago
• vulnwarex / bin2sc
  Binary to shellcode from an object/executable format 32 & 64-bit PE , ELF
  ☆73Updated 4 years ago
• jakabakos / CVE-2023-36884-MS-Office-HTML-RCE
  MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit
  ☆40Updated last year
• elfmaster / linker_preloading_virus
  An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses
  ☆66Updated 3 years ago
• cyberark / malware-research
  ☆38Updated 3 months ago
• NUL0x4C / DeleteShadowCopies
  Deleting Shadow Copies In Pure C++
  ☆114Updated 2 years ago
• c0de90e7 / GhostWriting
  GhostWriting Injection Technique.
  ☆175Updated 7 years ago
• waldo-irc / MalMemDetect
  Detect strange memory regions and DLLs
  ☆183Updated 3 years ago
• 0xpat / COFFInjector
  PoC MSVC COFF Object file loader/injector.
  ☆177Updated 4 years ago
• IkerSaint / KingHamlet
  Process Ghosting Tool
  ☆174Updated 3 years ago
• enkomio / BrokenFlow
  A simple PoC to invoke an encrypted shellcode by using an hidden call
  ☆116Updated 2 years ago
• NUL0x4C / GP
  using the gpu to hide your payload
  ☆58Updated 2 years ago
• sapph2c / bifrost
  A Flask-based HTTP(S) command and control (C2) with a web frontend. Malleable agent written in Go.
  ☆36Updated last year
• plackyhacker / Peruns-Fart
  Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.
  ☆108Updated 3 years ago
• milabs / kopycat
  Linux Kernel module-less implant (backdoor)
  ☆72Updated 4 years ago