Alternatives and similar repositories for seashell:

Users that are interested in seashell are comparing it to the libraries listed below

• AdvDebug / BehavEye
  Advanced dynamic malware analysis tool.
  ☆78Updated last year
• pygrum / siphon
  A feed of malware samples curated from threat intelligence sources.
  ☆25Updated last year
• SleepTheGod / Windows-Atom-Table-Hijacking
  A privilege escalation vulnerability exists in Windows due to a flaw in the implementation of the Atom Table. An attacker could exploit t…
  ☆26Updated 5 months ago
• lewiswigmore / Virus.xcheck
  Virus.xcheck is a Python tool designed to bulk verify the existence of file hashes in the Virus Exchange database and fetch download URLs…
  ☆52Updated last year
• li4321 / selfmovingdll
  ☆19Updated 2 months ago
• CyberSecurityUP / Offensive-Windows-Drivers-Development
  ☆31Updated 2 weeks ago
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆109Updated last year
• NUL0x4C / GP
  using the gpu to hide your payload
  ☆54Updated 2 years ago
• tehstoni / RustyKeys
  UAC Bypass using CMSTP in Rust
  ☆24Updated 2 months ago
• xalicex / Get-DLL-and-Function-Addresses
  GetModuleHandle (via PEB) and GetProcAddress (via EAT) like
  ☆32Updated 3 years ago
• ZeroMemoryEx / URootkit
  user-mode Rootkit
  ☆103Updated 2 years ago
• fcccode / Vx-Engines
  Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware
  ☆26Updated 5 years ago
• CarlosG13 / Process-Hypnosis-Debugger-assisted-control-flow-hijack
  ☆30Updated 10 months ago
• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆72Updated 11 months ago
• EvilBytecode / Sryxen
  Sryxen aka ThunderKitty.
  ☆30Updated 2 weeks ago
• MalwareTech / HiddenDesktop
  Create and enumerate hidden desktops.
  ☆90Updated last year
• hwvs / Invoke-GPTObfuscation
  Powershell implementation of a novel technique. Invoke-GPTObfuscation is a PowerShell Obfuscator that utilizes OpenAI (and other APIs) to…
  ☆49Updated last year
• Idov31 / rustomware
  Simple ransomware written in Rust. Part of the building a rustomware blog post.
  ☆32Updated last year
• lsecqt / BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero
  ☆33Updated 9 months ago
• 3intermute / ramiel
  uefi diskless persistence technique + OVMF secureboot bypass
  ☆53Updated 9 months ago
• itaymigdal / PichichiH0ll0wer
  Nim process hollowing loader
  ☆55Updated 6 months ago
• buzzer-re / Shinigami
  A dynamic unpacking tool
  ☆132Updated last year
• gelven4sec / NotPetyaAgain
  PoC of a UEFI Petya ransomware
  ☆40Updated 2 years ago
• zodiacon / Recon2023
  Recon 2023 slides and code
  ☆79Updated last year
• FourCoreLabs / TrustedInstallerPOC
  A simple go Proof of Concept to start a new shell as TrustedInstaller
  ☆53Updated last year
• ngn13 / shrk
  LKM rootkit for modern kernels, with DNS C2 and a simple web interface
  ☆64Updated this week
• dr4k0nia / Greenline
  Unpacker and Config Extractor for managed Redline Stealer payloads
  ☆40Updated 2 years ago
• R41N3RZUF477 / CVE-2023-41772
  ☆12Updated last year
• ViperXSecurity / lib-nosa
  lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
  ☆102Updated 5 months ago
• RATandC2 / VirusTotalC2
  Abusing VirusTotal API to host our C2 traffic, usefull for bypassing blocking firewall rules if VirusTotal is in the target white list , …
  ☆21Updated 2 years ago