Alternatives and similar repositories for EvilVM:

Users that are interested in EvilVM are comparing it to the libraries listed below

• fishstiqz / nasmshell
  shell for nasm
  ☆63Updated 4 years ago
• Antonin-Deniau / cave_miner
  Search for code cave in all binaries
  ☆276Updated 6 months ago
• josh0xA / threadfire
  PoC Thread Execution Hijacking for Win32 Code Injection
  ☆174Updated 5 months ago
• FuzzySecurity / Capcom-Rootkit
  Capcom Rootkit POC
  ☆188Updated 7 years ago
• LloydLabs / Windows-API-Hashing
  This is a simple example and explanation of obfuscating API resolution via hashing
  ☆232Updated 4 years ago
• ewhitehats / InvisiblePersistence
  Persisting in the Windows registry "invisibly"
  ☆339Updated 6 years ago
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆129Updated last year
• hc0d3r / tas
  A tiny framework for easily manipulate the tty and create fake binaries.
  ☆154Updated 4 years ago
• hasherezade / persistence_demos
  Demos of various (also non standard) persistence methods used by malware
  ☆219Updated last year
• FSecureLABS / Ninjasploit
  A meterpreter extension for applying hooks to avoid windows defender memory scans
  ☆241Updated 4 years ago
• EgeBalci / Cminer
  Cminer is a tool for enumerating the code caves in PE files.
  ☆146Updated last year
• dsnezhkov / zombieant
  Zombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.
  ☆218Updated 5 years ago
• amitwaisel / Malproxy
  Proxy system calls over an RPC channel
  ☆96Updated 2 years ago
• netspooky / reversi
  Generate very tiny reverse shell binaries for Linux~
  ☆75Updated 4 years ago
• K2 / ADMMutate
  Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia…
  ☆86Updated last year
• ajpc500 / NimlineWhispers
  A very proof-of-concept port of InlineWhispers for using syscalls in Nim projects.
  ☆163Updated 3 years ago
• praetorian-inc / vulcan
  a tool to make it easy and fast to test various forms of injection
  ☆172Updated 5 years ago
• hasherezade / masm_shc
  A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.
  ☆160Updated last month
• hoangprod / AndrewSpecial
  AndrewSpecial, dumping lsass' memory stealthily and bypassing "Cilence" since 2019.
  ☆383Updated 5 years ago
• uf0o / rootkit-arsenal-guacamole
  An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples
  ☆68Updated 2 years ago
• am0nsec / wspe
  Windows System Programming Experiments
  ☆217Updated 2 years ago
• am0nsec / vx
  Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposed.
  ☆178Updated 2 years ago
• 86hh / POC-viruses
  POC viruses I have created to demo some ideas
  ☆59Updated 4 years ago
• CylanceVulnResearch / ReflectiveDLLRefresher
  Universal Unhooking
  ☆316Updated 6 years ago
• hfiref0x / WDExtract
  Extract Windows Defender database from vdm files and unpack it
  ☆433Updated 4 years ago
• ionescu007 / faxhell
  A Bind Shell Using the Fax Service and a DLL Hijack
  ☆325Updated 4 years ago
• hasherezade / chimera_pe
  ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports pay…
  ☆218Updated last year
• Mr-Un1k0d3r / Shellcoding
  Shellcoding utilities
  ☆220Updated 4 years ago
• BorjaMerino / Pazuzu
  Pazuzu: Reflective DLL to run binaries from memory
  ☆212Updated 4 years ago