Alternatives and similar repositories for Umbra

Users that are interested in Umbra are comparing it to the libraries listed below

• redcode-labs / Solaris
  A local LKM rootkit loader/dropper that lists available security mechanisms
  ☆52Updated 4 years ago
• zerosum0x0-archive / archive
  ☆55Updated 3 years ago
• mav8557 / Father
  LD_PRELOAD rootkit
  ☆135Updated last year
• sapph2c / bifrost
  A Flask-based HTTP(S) command and control (C2) with a web frontend. Malleable agent written in Go.
  ☆36Updated 2 years ago
• cyberark / malware-research
  ☆37Updated 6 months ago
• FlamingSpork / iptable_evil
  An evil bit backdoor for iptables
  ☆54Updated 4 years ago
• OccamsXor / sim-ba
  (Sim)ulate (Ba)zar Loader
  ☆29Updated 4 years ago
• milabs / kopycat
  Linux Kernel module-less implant (backdoor)
  ☆74Updated 4 years ago
• nullsection / Discord-DLL-Hijacking
  This is a simple example of DLL hijacking enabling proxy execution.
  ☆66Updated 2 years ago
• thesp0nge / shellerate
  A shellcode generator with encryption, encoding and polymorphism facilities built-in
  ☆33Updated 3 years ago
• frank2 / blenny
  A payload delivery system which embeds payloads in an executable's icon file!
  ☆74Updated last year
• marcusbotacin / Dropper
  Embed an executable as a PE resource, drops and launches it in runtime.
  ☆62Updated 3 years ago
• ethereal-vx / Persistence
  Recreating and reviewing the Windows persistence methods
  ☆39Updated 3 years ago
• klecko / Rootkit
  Let's try to create a rootkit!
  ☆20Updated 5 years ago
• SourceCodeDeleted / rootkitdev-linux
  Rootkit Development tutorial series. Works on Kernel version 4.15 Can be adapted for 5.3+
  ☆44Updated 3 years ago
• CPunch / Laika
  Cross-platform RAT, written in C
  ☆87Updated 2 years ago
• jakabakos / CVE-2023-36884-MS-Office-HTML-RCE
  MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit
  ☆41Updated last year
• PL-V / Firefox-Grabber
  Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users
  ☆42Updated 2 years ago
• itm4n / Pentest-Windows
  Windows internals and exploitation tricks
  ☆105Updated 2 months ago
• JohnWoodman / stealthInjector
  Injects shellcode into remote processes using direct syscalls
  ☆79Updated 4 years ago
• dobin / avred-server
  The AMSI server for Avred
  ☆30Updated last year
• itm4n / CVEs
  Random CVEs
  ☆32Updated 3 months ago
• JrM2628 / httpworker
  A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…
  ☆92Updated last year
• jakuta-tech / GhostShell
  Malware indetectable, with AV bypass techniques, anti-disassembly, etc.
  ☆105Updated 5 years ago
• D3Ext / malware-practices
  Repo for malware development practices I post on my blog
  ☆34Updated 11 months ago
• EgeBalci / syscall_api
  ☆37Updated 2 years ago
• reveng007 / DareDevil
  Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10
  ☆37Updated 2 years ago
• NUL0x4C / GP
  using the gpu to hide your payload
  ☆59Updated 3 years ago
• Maff1t / WindowsPermsPoC
  A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows
  ☆53Updated 4 years ago
• jhackz / RTO-Implant
  Red Team Operator: Malware Development Essentials Course
  ☆99Updated 5 years ago