Alternatives and similar repositories for malsrc:

Users that are interested in malsrc are comparing it to the libraries listed below

• itaymigdal / PartyLoader
  Threadless shellcode injection tool
  ☆63Updated 5 months ago
• EspressoCake / Defender-Exclusions-Creator-BOF
  ☆78Updated last year
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆51Updated 5 months ago
• tehstoni / tryharder
  C++ Staged Shellcode Loader with Evasion capabilities.
  ☆73Updated 3 months ago
• NtDallas / sharp-execute
  Execute dotnet app from unmanaged process
  ☆68Updated last month
• dis0rder0x00 / ParentProcessManipulation-LNK
  Using LNK files and user input simulation to start processes under explorer.exe
  ☆24Updated 4 months ago
• parzel / GoSleepyCrypt
  In-memory sleep encryption and heap encryption for Go applications through a shellcode function.
  ☆39Updated last year
• b4rth0v5k1 / EarlyBirdNTDLL
  ☆36Updated last year
• jsecu / ModTask
  ☆50Updated last month
• Cobalt-Strike / sleepmask-vs
  A simple Sleepmask BOF example
  ☆81Updated 4 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆59Updated 5 months ago
• gavz / ExplorerPersist
  Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when …
  ☆80Updated 2 years ago
• deh00ni / NtDumpBOF
  ☆92Updated 4 months ago
• REDMED-X / InjectKit
  Modified versions of the Cobalt Strike Process Injection Kit
  ☆92Updated last year
• ScriptIdiot / sleepmask_PatchlessHook
  Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW
  ☆82Updated last year
• HulkOperator / AuthStager
  ☆48Updated 3 months ago
• c3r3br4t3 / ShadowRDP
  ☆62Updated 11 months ago
• Leo4j / PPLKiller
  Tool to bypass LSA Protection (aka Protected Process Light)
  ☆44Updated 3 weeks ago
• v1k1ngfr / fuegoshell
  Fuegoshell is a powershell oneliner generator for Windows remote shell re-using TCP 445
  ☆41Updated 9 months ago
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆24Updated 4 months ago
• MaorSabag / interactive-execute-shellcode
  A simple PoC of injection shellcode into a remote process and get the output using namepipe
  ☆42Updated last year
• WKL-Sec / StackMask
  A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.
  ☆60Updated last year
• djackreuter / btexec
  Execute shellcode via Bluetooth device authentication
  ☆29Updated 2 weeks ago
• fern89 / C2
  A basic C2 framework written in C
  ☆59Updated 6 months ago
• kyxiaxiang / AV_EDR_EPP_Notes
  ☆45Updated 9 months ago
• CICADA8-Research / TypeLibWalker
  TypeLib persistence technique
  ☆103Updated 3 months ago
• WKL-Sec / Winsocky
  Winsocket for Cobalt Strike.
  ☆99Updated last year
• ewby / Mockingjay_BOF
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆149Updated last year
• absholi7ly / CVE-2025-0282-Ivanti-exploit
  CVE-2025-0282 is a critical vulnerability found in Ivanti Connect Secure, allowing Remote Command Execution (RCE) through a buffer overfl…
  ☆36Updated 2 weeks ago
• Retr0-code / hash-dumper
  Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…
  ☆56Updated last year