Alternatives and similar repositories for mandibule

Users that are interested in mandibule are comparing it to the libraries listed below

• AonCyberLabs / Cexigua
  Linux based inter-process code injection without ptrace(2)
  ☆252Updated 7 years ago
• milabs / khook
  Linux Kernel hooking engine (x86)
  ☆350Updated 7 months ago
• croemheld / lkm-rootkit
  A LKM rootkit for most newer kernel versions.
  ☆177Updated 7 years ago
• zznop / drow
  Injects code into ELF executables post-build
  ☆235Updated last year
• 0xKira / qemu-vm-escape
  ☆284Updated 5 years ago
• elfmaster / libelfmaster
  Secure ELF parsing/loading library for forensics reconstruction of malware, and robust reverse engineering tools
  ☆440Updated 2 months ago
• SheLLVM / SheLLVM
  A collection of LLVM transform and analysis passes to write shellcode in regular C
  ☆376Updated 2 years ago
• ilammy / ftrace-hook
  Using ftrace for function hooking in Linux kernel
  ☆275Updated 4 years ago
• maroueneboubakri / lscan
  lscan is a library identification tool on statically linked/stripped binaries
  ☆405Updated 4 years ago
• koutto / ioctlbf
  Windows Kernel Drivers fuzzer
  ☆352Updated 8 years ago
• yellowbyte / analysis-of-anti-analysis
  writings on anti-reverse engineering.
  ☆285Updated 3 years ago
• k0keoyo / kDriver-Fuzzer
  ☆472Updated 7 years ago
• nccgroup / idahunt
  idahunt is a framework to analyze binaries with IDA Pro and hunt for things in IDA Pro
  ☆388Updated last year
• malisal / loaders
  Tiny loaders for various binary formats.
  ☆238Updated 9 years ago
• push0ebp / ALLirt
  Tool that converts All of libc to signatures for IDA Pro FLIRT Plugin. and utility make sig with FLAIR easily
  ☆167Updated 2 years ago
• strazzere / golang_loader_assist
  Making GO reversing easier in IDA Pro
  ☆641Updated 5 years ago
• NoviceLive / research-rootkit
  LibZeroEvil & the Research Rootkit project.
  ☆593Updated 3 years ago
• elfmaster / saruman
  ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)
  ☆135Updated 7 years ago
• meme / hellscape
  GIMPLE obfuscator for C, C++, Go, ... all supported GCC targets and front-ends that use GIMPLE.
  ☆401Updated 4 years ago
• SkyLined / alpha3
  Alphanumeric shellcode encoder.
  ☆162Updated 9 years ago
• googleprojectzero / bochspwn-reloaded
  A Bochs-based instrumentation performing kernel memory taint tracking to detect disclosure of uninitialized memory to ring 3
  ☆305Updated 6 years ago
• googleprojectzero / bochspwn
  A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities
  ☆337Updated 6 years ago
• elfmaster / dt_infect
  ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD
  ☆110Updated 5 years ago
• 0x00pf / 0x00sec_code
  Code for my 0x00sec.org posts
  ☆324Updated 4 years ago
• can1357 / CVE-2018-8897
  Arbitrary code execution with kernel privileges using CVE-2018-8897.
  ☆418Updated 7 years ago
• tinysec / windows-syscall-table
  windows syscall table from xp ~ 10 rs4
  ☆353Updated 7 years ago
• jha / linux-kernel-hook
  A small kernel module that can hook arbitrary syscalls on x86_64
  ☆52Updated 5 years ago
• wmliang / pe-afl
  ☆248Updated 4 years ago
• howknows / awesome-windows-security-development
  awesome-windows-security-development
  ☆170Updated 7 years ago
• yaoyumeng / adore-ng
  linux rootkit adapted for 2.6 and 3.x
  ☆212Updated 9 years ago