Alternatives and similar repositories for seashell

Users that are interested in seashell are comparing it to the libraries listed below

• AdvDebug / BehavEye
  Advanced dynamic malware analysis tool.
  ☆83Updated last year
• 3itch / icekit
  I/O Cache-As-Ram + AMD x86_64 cache line locking | Mirror of https://codeberg.org/3itch/icekit
  ☆14Updated 3 months ago
• NUL0x4C / GP
  using the gpu to hide your payload
  ☆59Updated 2 years ago
• Internet-2-0 / Malcore-x64dbg
  This x64dbg plugin allows you to upload your sample to Malcore and view the results.
  ☆37Updated last year
• li4321 / selfmovingdll
  ☆24Updated 6 months ago
• fcccode / Vx-Engines
  Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware
  ☆27Updated 5 years ago
• SleepTheGod / Windows-Atom-Table-Hijacking
  A privilege escalation vulnerability exists in Windows due to a flaw in the implementation of the Atom Table. An attacker could exploit t…
  ☆27Updated 9 months ago
• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆72Updated last year
• xalicex / Get-DLL-and-Function-Addresses
  GetModuleHandle (via PEB) and GetProcAddress (via EAT) like
  ☆31Updated 3 years ago
• gelven4sec / NotPetyaAgain
  PoC of a UEFI Petya ransomware
  ☆44Updated 2 years ago
• connormcgarr / EATGuard
  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
  ☆105Updated 2 years ago
• lewiswigmore / Virus.xcheck
  Virus.xcheck is a Python tool designed to bulk verify the existence of file hashes in the Virus Exchange database and fetch download URLs…
  ☆53Updated 2 months ago
• ViperXSecurity / lib-nosa
  lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
  ☆112Updated 9 months ago
• x86byte / LummaC2-Stealer
  LummaC2 extracted binaries by reversing & LummaC2 Stealer Analysis
  ☆62Updated 4 months ago
• EvilBytecode / Sryxen-Stealer-Paid-Source
  Stealer in c++.
  ☆42Updated 2 months ago
• lil-skelly / basilisk
  ☆11Updated 3 months ago
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆110Updated last year
• LimerBoy / Soviet-Thief
  Yandex browser passwords and credit-cards decryption algorithm
  ☆15Updated 2 months ago
• floesen / KExecDD
  Admin to Kernel code execution using the KSecDD driver
  ☆251Updated last year
• TheMalwareGuardian / Awesome-Bootkits-Rootkits-Development
  A curated compilation of extensive resources dedicated to bootkit and rootkit development.
  ☆63Updated 2 months ago
• frank2 / blenny
  A payload delivery system which embeds payloads in an executable's icon file!
  ☆74Updated last year
• cbrnrd / maliketh
  🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python
  ☆45Updated last year
• Fatmike-GH / DLLInjectionDetector
  A DLL Injection Detector for Windows
  ☆32Updated last week
• namazso / dll-universal-patcher
  A universal binary patching dll.
  ☆90Updated 8 months ago
• XaFF-XaFF / Kernel-Process-Hollowing
  Windows x64 kernel mode rootkit process hollowing POC.
  ☆191Updated last year
• tehstoni / RustyKeys
  UAC Bypass using CMSTP in Rust
  ☆27Updated 6 months ago
• r0keb / TrashFormer
  A 64 bit executable junk code engine for polymorphic malware.
  ☆43Updated last week
• itaymigdal / PichichiH0ll0wer
  Nim process hollowing loader
  ☆57Updated 10 months ago
• SaadAhla / StackCrypt
  Create a new thread that will suspend every thread and encrypt its stack, then going to sleep , then decrypt the stacks and resume thread…
  ☆160Updated last year
• 0xPrimo / KMDllInjector
  kernel-mode DLL Injector
  ☆85Updated 2 months ago