Alternatives and similar repositories for EvilVM

Users that are interested in EvilVM are comparing it to the libraries listed below

• fishstiqz / nasmshell
  shell for nasm
  ☆65Updated 5 years ago
• josh0xA / threadfire
  PoC Thread Execution Hijacking for Win32 Code Injection
  ☆178Updated last year
• darkspik3 / Valhalla-ezines
  ☆34Updated 7 years ago
• netspooky / i2ao
  Intro to Assembly Optimization stream repo
  ☆30Updated 4 years ago
• hatRiot / shellme
  simple shellcode generator
  ☆114Updated 8 years ago
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆133Updated 2 years ago
• opsxcq / mirror-vxheaven.org
  Vxheaven.org website's mirror
  ☆178Updated 7 years ago
• netspooky / reversi
  Generate very tiny reverse shell binaries for Linux~
  ☆76Updated 5 years ago
• 0xN3utr0n / Noteme
  ELF packer/crypter that aims to create hardened and stealthy troyans
  ☆58Updated 4 years ago
• obscuritylabs / PeFixup
  PE File Blessing - To continue or not to continue
  ☆87Updated 6 years ago
• RITRedteam / goofkit
  In line function hooking LKM rootkit
  ☆52Updated 5 years ago
• EgeBalci / Cminer
  Cminer is a tool for enumerating the code caves in PE files.
  ☆155Updated 2 years ago
• guitmz / memrun
  Small tool to run ELF binaries from memory with a given process name
  ☆171Updated 4 years ago
• uf0o / rootkit-arsenal-guacamole
  An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples
  ☆74Updated 3 years ago
• praetorian-inc / vulcan
  a tool to make it easy and fast to test various forms of injection
  ☆173Updated 6 years ago
• t3rabyt3-zz / Gozi
  Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years.
  ☆72Updated 7 years ago
• LloydLabs / Windows-API-Hashing
  This is a simple example and explanation of obfuscating API resolution via hashing
  ☆237Updated 5 years ago
• Darkabode / zerokit
  Zerokit/GAPZ rootkit (non buildable and only for researching)
  ☆185Updated 6 years ago
• Antonin-Deniau / cave_miner
  Search for code cave in all binaries
  ☆284Updated 3 months ago
• FuzzySecurity / Capcom-Rootkit
  Capcom Rootkit POC
  ☆207Updated 8 years ago
• tsarpaul / GLORYHook
  The first Linux hooking framework to allow merging two binary files into one!
  ☆97Updated 8 months ago
• panagioto / Mimir
  A C++ POC for process injection using NtCreateSectrion, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes…
  ☆45Updated 4 years ago
• dalvarezperez / CreateFile_based_rootkit
  ☆138Updated 2 months ago
• hasherezade / process_chameleon
  A process overwriting its own PEB to make an illusion that it has been loaded from a different path.
  ☆99Updated 4 years ago
• m0n0ph1 / Basic-File-Crypter
  Process Hollowing techniques as used in many file Crypters (C/C++)
  ☆84Updated 5 years ago
• phra / x0rro
  A PE/ELF/MachO Crypter for x86 and x86_64 Based on Radare2
  ☆140Updated 3 years ago
• am0nsec / vxlib
  C Header Only Library for Virii
  ☆12Updated 5 years ago
• Cr4sh / r0ak
  r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
  ☆11Updated 7 years ago
• elfmaster / linker_preloading_virus
  An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses
  ☆66Updated 3 years ago
• Binject / binjection
  Injects additional machine instructions into various binary formats.
  ☆288Updated last year