Alternatives and similar repositories for malware

Users that are interested in malware are comparing it to the libraries listed below

• nbaertsch / nimvoke
  Indirect syscalls + DInvoke made simple.
  ☆92Updated 6 months ago
• m4ul3r / writing_nimless
  Writing Nimless Nim - Slides and source for BSIDESKC 2024 talk.
  ☆82Updated last year
• Helixo32 / NimReflectiveLoader
  NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading.
  ☆30Updated last year
• zimnyaa / xyrella
  PoC XLL builder in Python/Nim
  ☆46Updated 2 years ago
• itaymigdal / GhostNap
  Sleep obfuscation for shellcode implants and their reflective shit
  ☆51Updated last year
• itaymigdal / PartyLoader
  Threadless shellcode injection tool
  ☆66Updated 11 months ago
• ar33zy / Nimjector
  ☆42Updated 2 years ago
• rtecCyberSec / SpeechRuntimeMove
  Lateral Movement as loggedon User via Speech Named Pipe COM & ISpeechNamedPipe + COM Hijacking
  ☆30Updated 2 weeks ago
• fern89 / ghostwriting-2
  A process injection technique using only thread context manipulation
  ☆38Updated last year
• kapellos / LNKSmuggler
  A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.
  ☆50Updated 6 months ago
• OffenseTeacher / Steganim
  ☆47Updated 2 years ago
• ibaiC / FriendlyFireBOF
  A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.
  ☆53Updated 3 months ago
• S3cur3Th1sSh1t / NimShellcodeFluctuation
  ShellcodeFluctuation PoC ported to Nim
  ☆77Updated 2 years ago
• Retr0-code / hash-dumper
  Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…
  ☆63Updated last year
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆61Updated 11 months ago
• 0xTriboulet / rssh-rs
  ☆51Updated last month
• caueb / ThreadlessStompingKann
  Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.
  ☆61Updated last year
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆50Updated last year
• us-cyber-team / nim_for_hackers2
  slides for talk given during uscg 2023 combine
  ☆37Updated last year
• 0xRedpoll / WhatsAppKeyBOF
  A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.
  ☆77Updated 4 months ago
• casp3r0x0 / CortexRansomBypass
  Cortex EDR Ransomware protection Bypass
  ☆24Updated 5 months ago
• pruno7 / nEkko
  A nim port of C5pider's Ekko project.
  ☆18Updated 2 years ago
• ricardojoserf / NativeTokenImpersonate
  Impersonate Tokens using only NTAPI functions
  ☆77Updated 3 months ago
• nickvourd / Rocabella
  Sniffing files generator
  ☆59Updated 4 months ago
• MayerDaniel / profiler-lateral-movement
  Lateral Movement via the .NET Profiler
  ☆82Updated 7 months ago
• tijme / kong-loader
  Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…
  ☆34Updated 3 months ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated last year
• gerbsec / SmokeyObfuscator
  Rewrite to fit my needs
  ☆28Updated 11 months ago
• nbaertsch / PoolProxy
  Proxy function calls through the thread pool with ease
  ☆28Updated 4 months ago
• Kharos102 / interceptor
  Sample Rust Hooking Engine
  ☆36Updated last year