Alternatives and similar repositories for APT32-deobfuscation

Users that are interested in APT32-deobfuscation are comparing it to the libraries listed below

• aaaddress1 / knownDlls_Poison
  ☆26Updated 3 years ago
• aazhuliang / CVE-2021-31956-EXP
  ☆40Updated 3 years ago
• hongson11698 / defender-database-extract
  defender_database
  ☆18Updated last year
• ASkyeye / CVE-2018-19320
  Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)
  ☆20Updated 5 years ago
• k0keoyo / ksRPC_analysis_script
  ☆12Updated 4 years ago
• 0xhido / BlueLight
  Open-source EDR kernel-component for system monitoring and DLL injection
  ☆31Updated 4 years ago
• waleedassar / CVE-2022-24483
  POC For CVE-2022-24483
  ☆14Updated 3 years ago
• xpn / ObjectOverloadingPOC
  ☆62Updated 3 years ago
• Q4n / SuperPriv
  从admin冲到TrustedInstaller
  ☆17Updated 2 years ago
• a7t0fwa7 / windows-ps-callbacks-experiments
  Files for http://deniable.org/windows/windows-callbacks
  ☆25Updated 4 years ago
• Wa1nut4 / CVE-2024-26230
  LPE of CVE-2024-26230
  ☆24Updated 9 months ago
• DimopoulosElias / Primitives
  ☆31Updated 4 years ago
• splunk / PPLinject
  Inject unsigned DLL into Protected Process Light (PPL)
  ☆25Updated last month
• iammaguire / Salient-Rootkit
  A kernel mode Windows rootkit in development.
  ☆49Updated 3 years ago
• zeze-zeze / HITCON-2023-Demo-CVE-2023-20562
  ☆61Updated last year
• bananabr / Givemeahand
  A PoC tool for exploiting leaked process and thread handles
  ☆32Updated last year
• the-deniss / Vulnerability-Disclosures
  Vulnerability analysis and proof of concepts
  ☆34Updated 2 years ago
• jonpalmisc / CVE-2021-40531
  Quarantine bypass and RCE vulnerability in Sketch (proof-of-concept)
  ☆12Updated 3 years ago
• bharadwajyas / ppdump-public
  Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…
  ☆23Updated 5 years ago
• theabysslabs / CVE-2022-21881
  POC of CVE-2022-21881 exploited at TianfuCup 2021 to escape Chrome Sandbox
  ☆19Updated 2 years ago
• 474172261 / slides
  Collection of slides
  ☆33Updated last year
• waleedassar / ALPC_CLIENT_SERVER
  Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.
  ☆21Updated 3 years ago
• V3ded / Blog-Lab
  Source files for my posts
  ☆16Updated 2 years ago
• h0li3 / mpengine_diskus
  参考taviso的代码逆向一下mpengine.dll
  ☆20Updated 2 years ago
• MalwareMechanic / RISCYpacker
  Process Hollowing Packer
  ☆26Updated 7 years ago
• vp777 / exploit-dev
  ☆11Updated 2 years ago
• yardenshafir / MitigationFlagsCliTool
  Command like tool to print mitigation flags for running processes in a memory dump
  ☆46Updated 4 years ago
• ihack4falafel / ROR13HashGenerator
  C# implementation to produce ROR-13 numeric hash for given function API name
  ☆32Updated 6 years ago
• galdeleon / Conferences
  ☆12Updated 3 years ago
• ig-labs / defender-mpengine-fuzzing
  Fuzzing Harness and Unpatched Crash Results from Fuzzing Defender MpEngine
  ☆26Updated last month