Alternatives and similar repositories for detect-anyrun

Users that are interested in detect-anyrun are comparing it to the libraries listed below

• jonomango / pe-builder
  Header-only C++ library for producing PE files.
  ☆33Updated last year
• milankovo / zydisinfo
  ☆19Updated 3 months ago
• idkhidden / idashare
  idashare is an IDA Pro plugin that allows you to quickly share the currently loaded binary and IDA database over a local HTTP server with…
  ☆10Updated 2 months ago
• shaygitub / windows-rootkit
  windows rootkit
  ☆60Updated last year
• backengineering / pdbgen2
  Generate a PDB file given the old PDB file and an address mapping
  ☆48Updated 2 months ago
• Xacone / Eneio64-Driver-Exploit
  Exploit for eneio64.sys - Turning Physical Memory R/W into Virtual Memory R/W
  ☆34Updated last month
• lennyRBLX / ret_addr_spoofer
  Compileable POC of namazso's x64 return address spoofer.
  ☆52Updated 4 years ago
• tandasat / CVE-2024-21305
  Report and exploit of CVE-2024-21305.
  ☆34Updated last year
• 0xGotcha / XrefXpert
  Tracks cross references and allows fast viewing of pseudocode between references
  ☆13Updated 2 months ago
• 1hAck-0 / zeroimport
  ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…
  ☆47Updated 2 years ago
• Azvanzed / vmw-logger-rs
  A VMWare logger using built-in backdoor.
  ☆29Updated 7 months ago
• kkent030315 / Van1338
  A journal for $6,000 Riot Vanguard bounty.
  ☆63Updated last year
• backengineering / sigbreaker-llvm-lit
  All LLVM binaries scrambled with SigBreaker and used to test against llvm-lit
  ☆16Updated 3 weeks ago
• backengineering / msrexec
  Elevate arbitrary MSR writes to kernel execution.
  ☆36Updated last year
• m417z / x64dbg-symbol-tldr
  An x64dbg plugin which helps make sense of long C++ symbols
  ☆59Updated 2 years ago
• Midi12 / whse
  WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API
  ☆22Updated 3 years ago
• jonomango / chum
  Binary rewriter for 64-bit PE files.
  ☆76Updated last year
• boom-cr3 / NotifyRoutineHijackThread
  Hijack NotifyRoutine for a kernelmode thread
  ☆42Updated 3 years ago
• NotRequiem / antidbg
  C/C++ antidebugging library for Windows
  ☆21Updated 4 months ago
• xsh3llsh0ck / PicoHook
  Small driver that uses alternative syscalls feature (the project is still under development).
  ☆15Updated last year
• idkhidden / WinApiPatcher
  WinApi Patcher is a straightforward tool leveraging windows API hooking to patch and modify certain behaviors in a targeted environment.
  ☆42Updated 8 months ago
• greyb1t / GreyM
  Me fockin' pe protector
  ☆45Updated 2 years ago
• DErDYAST1R / NMICallbackBlocker2
  This is a POC Test project for INTEL CPUs on blocking NMI Entries through the IDT Handler.
  ☆52Updated 7 months ago
• 0mWindyBug / KernelInjector
  PoC kernel to usermode injection
  ☆83Updated last year
• SamuelTulach / SecureGame
  Proof-of-concept game using VBS enclaves to protect itself from cheating
  ☆40Updated 6 months ago
• ReverseSec / eryx
  Collection of Cheat dumps for Research and Detection.
  ☆14Updated this week
• sh4m2hwz / devirt_vmp
  devirtualization vmprotect
  ☆62Updated 2 years ago
• nelfo / PGHooker
  PAGE_GUARD based hooking library
  ☆46Updated 2 years ago
• malware-unicorn / pteroioctl-hook
  A driver to implement IOCTL hooking
  ☆25Updated 3 years ago
• mmert11 / binaryshield-devirtualizer
  llvm powered deobfuscation of a vm-based protection
  ☆36Updated last month