Alternatives and similar repositories for threadfire

Users that are interested in threadfire are comparing it to the libraries listed below

• hasherezade / persistence_demos
  Demos of various (also non standard) persistence methods used by malware
  ☆221Updated 2 years ago
• 0x25bit / hackingLibrary
  ‪APT,‬ ‪Cyber warfare,‬ ‪Penetration testing,‬ ‪Zero-day,Exploiting,‬Fuzzing,Privilege-Escalation,browser-security‪,Spyware,Malwres evade…
  ☆35Updated 6 years ago
• NtRaiseHardError / Antimalware-Research
  Research on Anti-malware and other related security solutions
  ☆259Updated 4 years ago
• t3rabyt3-zz / Gozi
  Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years.
  ☆64Updated 7 years ago
• dalvarezperez / CreateFile_based_rootkit
  ☆135Updated 2 months ago
• CylanceVulnResearch / ReflectiveDLLRefresher
  Universal Unhooking
  ☆321Updated 6 years ago
• Include-sys / hCrypt
  Open Source C++ Crypter. AES-256 Bit Encryption, Virtual Machine Detection and Almost FUD
  ☆133Updated 4 years ago
• MandConsultingGroup / ring3-kit
  Hides Process From Task Manager Using NT API Hooking (NtQuerySystemInformation)
  ☆76Updated 2 years ago
• paranoidninja / Botnet-blogpost
  This repo basically contains the code that was mentioned in the blogposts that was written by me at:
  ☆95Updated 2 years ago
• praetorian-inc / vulcan
  a tool to make it easy and fast to test various forms of injection
  ☆173Updated 6 years ago
• eLoopWoo / zwhawk
  A kernel rootkit with remote command and control interface for windows
  ☆109Updated 7 years ago
• hlldz / APC-PPID
  Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.
  ☆158Updated 5 years ago
• marcosd4h / memhunter
  Live hunting of code injection techniques
  ☆382Updated 5 years ago
• hasherezade / module_overloading
  A more stealthy variant of "DLL hollowing"
  ☆347Updated last year
• D4stiny / PeaceMaker
  PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware.
  ☆420Updated 5 years ago
• yatt-ze / AbSent-Loader
  Example Loader to be used as a learning resource for people interested in how commercially available malware is made on a very basic leve…
  ☆70Updated 6 years ago
• Mr-Un1k0d3r / Shellcoding
  Shellcoding utilities
  ☆222Updated 4 years ago
• FSecureLABS / Ninjasploit
  A meterpreter extension for applying hooks to avoid windows defender memory scans
  ☆246Updated 4 years ago
• ewhitehats / InvisiblePersistence
  Persisting in the Windows registry "invisibly"
  ☆340Updated 6 years ago
• NtRaiseHardError / AntiHook
  PoC designed to evade userland-hooking anti-virus.
  ☆88Updated 6 years ago
• atxsinn3r / amsiscanner
  A C/C++ implementation of Microsoft's Antimalware Scan Interface
  ☆182Updated 7 years ago
• paranoidninja / 0xdarkvortex-MalwareDevelopment
  This repo will contain code snippets for blogs: Malware on Steroids written by me at https://scriptdotsh.com/index.php/category/malware-d…
  ☆194Updated 4 years ago
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆132Updated last year
• am0nsec / wspe
  Windows System Programming Experiments
  ☆218Updated 2 years ago
• albertzsigovits / malware-writeups
  Personal research and publication on malware families
  ☆138Updated 5 months ago
• EgeBalci / Cminer
  Cminer is a tool for enumerating the code caves in PE files.
  ☆151Updated 2 years ago
• b4rtik / metasploit-execute-assembly
  Custom Metasploit post module to executing a .NET Assembly from Meterpreter session
  ☆345Updated 4 years ago
• ionescu007 / faxhell
  A Bind Shell Using the Fax Service and a DLL Hijack
  ☆331Updated 5 years ago
• EgeBalci / WSAAcceptBackdoor
  Winsock accept() Backdoor Implant.
  ☆113Updated 4 years ago
• LloydLabs / Windows-API-Hashing
  This is a simple example and explanation of obfuscating API resolution via hashing
  ☆235Updated 5 years ago