Alternatives and similar repositories for Umbra

Users that are interested in Umbra are comparing it to the libraries listed below

• redcode-labs / Solaris
  A local LKM rootkit loader/dropper that lists available security mechanisms
  ☆52Updated 3 years ago
• mav8557 / Father
  LD_PRELOAD rootkit
  ☆134Updated last year
• sapph2c / bifrost
  A Flask-based HTTP(S) command and control (C2) with a web frontend. Malleable agent written in Go.
  ☆36Updated last year
• d4rk007 / sak1to-shell
  Multi-threaded, multi-os/platform (Linux/Windows) c2 server and Windows reverse TCP shell client both written in C.
  ☆121Updated 3 years ago
• cyberark / malware-research
  ☆37Updated 4 months ago
• nullsection / Discord-DLL-Hijacking
  This is a simple example of DLL hijacking enabling proxy execution.
  ☆66Updated 2 years ago
• klecko / Rootkit
  Let's try to create a rootkit!
  ☆20Updated 5 years ago
• milabs / kopycat
  Linux Kernel module-less implant (backdoor)
  ☆73Updated 4 years ago
• OccamsXor / sim-ba
  (Sim)ulate (Ba)zar Loader
  ☆29Updated 4 years ago
• SourceCodeDeleted / rootkitdev-linux
  Rootkit Development tutorial series. Works on Kernel version 4.15 Can be adapted for 5.3+
  ☆44Updated 3 years ago
• PL-V / Firefox-Grabber
  Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users
  ☆42Updated 2 years ago
• zerosum0x0-archive / archive
  ☆55Updated 3 years ago
• jakabakos / CVE-2023-36884-MS-Office-HTML-RCE
  MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit
  ☆40Updated last year
• 0vercl0k / paracosme
  Paracosme is a zero-click remote memory corruption exploit that compromises ICONICS Genesis64 which was demonstrated successfully on stag…
  ☆89Updated last year
• frank2 / blenny
  A payload delivery system which embeds payloads in an executable's icon file!
  ☆74Updated last year
• marcusbotacin / Dropper
  Embed an executable as a PE resource, drops and launches it in runtime.
  ☆60Updated 3 years ago
• ethereal-vx / Persistence
  Recreating and reviewing the Windows persistence methods
  ☆39Updated 3 years ago
• dobin / avred-server
  The AMSI server for Avred
  ☆30Updated last year
• JrM2628 / httpworker
  A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…
  ☆90Updated last year
• elfmaster / linker_preloading_virus
  An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses
  ☆66Updated 3 years ago
• reveng007 / DareDevil
  Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10
  ☆37Updated 2 years ago
• vvelitkn / Evasion-Escaper
  Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…
  ☆107Updated 5 months ago
• rara64 / GetTrustedInstaller
  Make an executable run with TrustedInstaller permissions under SYSTEM account.
  ☆40Updated 4 years ago
• EgeBalci / WSAAcceptBackdoor
  Winsock accept() Backdoor Implant.
  ☆115Updated 4 years ago
• FlamingSpork / iptable_evil
  An evil bit backdoor for iptables
  ☆53Updated 4 years ago
• daddycocoaman / dumpscan
  Finding secrets in kernel and user memory
  ☆116Updated last year
• Malwation / sentello
  Sentello is python script that simulates the anti-evasion and anti-analysis techniques used by malware.
  ☆73Updated 4 years ago
• jakuta-tech / GhostShell
  Malware indetectable, with AV bypass techniques, anti-disassembly, etc.
  ☆98Updated 5 years ago
• hackerhouse-opensource / MsSettingsDelegateExecute
  Bypass UAC on Windows 10/11 x64 using ms-settings DelegateExecute registry key.
  ☆77Updated 2 years ago
• Error996 / bdvl
  bdvl
  ☆113Updated 3 years ago