Alternatives and similar repositories for WhacAMole

Users that are interested in WhacAMole are comparing it to the libraries listed below

• NUL0x4C / DeleteShadowCopies
  Deleting Shadow Copies In Pure C++
  ☆118Updated 3 years ago
• jonny-jhnson / LDAPMon
  ☆46Updated 2 years ago
• codewhitesec / SysmonEnte
  ☆78Updated 3 years ago
• ScriptIdiot / SysmonQuiet
  RDLL for Cobalt Strike beacon to silence sysmon process
  ☆91Updated 3 years ago
• daddycocoaman / dumpscan
  Finding secrets in kernel and user memory
  ☆116Updated 2 years ago
• ghostpepper108 / Evasion
  ☆107Updated 2 years ago
• vatsalgupta67 / Process-Hollowing
  Red Team Operation's Defense Evasion Technique.
  ☆56Updated last year
• rtfmkiesel / loldrivers-client
  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
  ☆88Updated last month
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆44Updated 2 years ago
• hasherezade / pesieve-go
  Golang bindings for PE-sieve
  ☆42Updated 2 years ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆49Updated 3 years ago
• hackerhouse-opensource / MsSettingsDelegateExecute
  Bypass UAC on Windows 10/11 x64 using ms-settings DelegateExecute registry key.
  ☆82Updated 3 years ago
• Maldev-Academy / PrefetchFileParser
  A lightweight Windows Prefetch file parser to extract programs' execution history
  ☆48Updated 2 weeks ago
• amjcyber / EDRNoiseMaker
  Detect WFP filters blocking EDR communications
  ☆96Updated 2 years ago
• ashemery / REDM
  Reverse Engineering and Debugging Malware
  ☆32Updated 2 years ago
• JPCERTCC / CobaltStrike-Config
  Repository for archiving Cobalt Strike configuration
  ☆35Updated this week
• dis0rder0x00 / CanYouCTheThief
  A C implementation of the Sektor7 "A Thief" Windows privesc technique.
  ☆70Updated 3 years ago
• EgeBalci / syscall_api
  ☆38Updated 2 years ago
• peiga / DumpThatLSASS
  Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation
  ☆31Updated 3 years ago
• fin3ss3g0d / HookFinder
  Simple PoC to locate hooked functions by EDR in ntdll.dll
  ☆46Updated 2 years ago
• waldo-irc / MalMemDetect
  Detect strange memory regions and DLLs
  ☆183Updated 4 years ago
• SafeBreach-Labs / CortexVortex
  ☆80Updated last year
• 0x00Check / ExploitLeakedHandle
  Identify and exploit leaked handles for local privilege escalation.
  ☆111Updated 2 years ago
• SafeBreach-Labs / aikido_wiper
  ☆68Updated 3 years ago
• wietze / windows-dll-env-hijacking
  Project for identifying executables and DLLs vulnerable to environment-variable based DLL hijacking.
  ☆62Updated 3 years ago
• CyberSecurityUP / SyscallHookDetector
  ☆18Updated last year
• MaorSabag / Paruns-Fart
  Just another ntdll unhooking using Parun's Fart technique
  ☆76Updated 2 years ago
• nothingspecialforu / EvtPsst
  EvtPsst
  ☆55Updated 2 years ago
• ZeroMemoryEx / SleepKiller
  Bypass Malware Time Delays
  ☆108Updated 3 years ago
• deepinstinct / VSTO-POC
  A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously
  ☆31Updated 2 years ago