Alternatives and similar repositories for EvilVM

Users that are interested in EvilVM are comparing it to the libraries listed below

• fishstiqz / nasmshell
  shell for nasm
  ☆64Updated 5 years ago
• josh0xA / threadfire
  PoC Thread Execution Hijacking for Win32 Code Injection
  ☆178Updated last year
• darkspik3 / Valhalla-ezines
  ☆34Updated 7 years ago
• hatRiot / shellme
  simple shellcode generator
  ☆114Updated 8 years ago
• 0xN3utr0n / Noteme
  ELF packer/crypter that aims to create hardened and stealthy troyans
  ☆55Updated 3 years ago
• FuzzySecurity / Capcom-Rootkit
  Capcom Rootkit POC
  ☆206Updated 8 years ago
• dalvarezperez / CreateFile_based_rootkit
  ☆137Updated 7 months ago
• uf0o / rootkit-arsenal-guacamole
  An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples
  ☆73Updated 3 years ago
• t3rabyt3-zz / Gozi
  Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years.
  ☆65Updated 7 years ago
• obscuritylabs / PeFixup
  PE File Blessing - To continue or not to continue
  ☆87Updated 5 years ago
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆131Updated 2 years ago
• netspooky / i2ao
  Intro to Assembly Optimization stream repo
  ☆26Updated 3 years ago
• EgeBalci / Cminer
  Cminer is a tool for enumerating the code caves in PE files.
  ☆154Updated 2 years ago
• praetorian-inc / vulcan
  a tool to make it easy and fast to test various forms of injection
  ☆173Updated 6 years ago
• tsarpaul / GLORYHook
  The first Linux hooking framework to allow merging two binary files into one!
  ☆96Updated 5 months ago
• K2 / ADMMutate
  Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia…
  ☆92Updated last week
• amitwaisel / Malproxy
  Proxy system calls over an RPC channel
  ☆99Updated 3 years ago
• LloydLabs / Windows-API-Hashing
  This is a simple example and explanation of obfuscating API resolution via hashing
  ☆237Updated 5 years ago
• papadp / reflective-injection-detection
  a program to detect reflective dll injection on a live machine
  ☆76Updated 9 years ago
• BorjaMerino / Windows-One-Way-Stagers
  Windows Stagers to circumvent restrictive network environments
  ☆67Updated last year
• RITRedteam / goofkit
  In line function hooking LKM rootkit
  ☆51Updated 5 years ago
• elfmaster / taskverse
  A tool like /bin/ps but uses /proc/kcore for walking the tasklist; this finds hidden processes
  ☆58Updated 10 years ago
• paranoidninja / Botnet-blogpost
  This repo basically contains the code that was mentioned in the blogposts that was written by me at:
  ☆96Updated 2 years ago
• hasherezade / process_chameleon
  A process overwriting its own PEB to make an illusion that it has been loaded from a different path.
  ☆98Updated 4 years ago
• hlldz / APC-PPID
  Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.
  ☆158Updated 6 years ago
• Darkabode / zerokit
  Zerokit/GAPZ rootkit (non buildable and only for researching)
  ☆183Updated 6 years ago
• atxsinn3r / amsiscanner
  A C/C++ implementation of Microsoft's Antimalware Scan Interface
  ☆182Updated 7 years ago
• dsnezhkov / zombieant
  Zombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.
  ☆228Updated 6 years ago
• 86hh / POC-viruses
  POC viruses I have created to demo some ideas
  ☆59Updated 5 years ago
• guitmz / memrun
  Small tool to run ELF binaries from memory with a given process name
  ☆169Updated 4 years ago