Alternatives and similar repositories for Dropper:

Users that are interested in Dropper are comparing it to the libraries listed below

• fkie-cad / yapscan
  Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.
  ☆61Updated last year
• scrt / avdebugger
  ☆95Updated 3 years ago
• boku7 / x64win-DynamicNoNull-WinExec-PopCalc-Shellcode
  64bit WIndows 10 shellcode dat pops dat calc - Dynamic & Null Free
  ☆61Updated 2 years ago
• cyberark / malware-research
  ☆36Updated last month
• itm4n / CVEs
  Random CVEs
  ☆30Updated last year
• 0xcpu / winsmsd
  Windows (ShadowMove) Socket Duplication
  ☆82Updated 4 years ago
• hidd3ncod3s / WindowsAPIhash
  Windows API Hashes used in the malwares
  ☆41Updated 9 years ago
• YoavLevi / IAT-Tracer
  An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…
  ☆114Updated 8 months ago
• t0-retooling / defender-recon24
  ☆51Updated 5 months ago
• vvelitkn / Evasion-Escaper
  Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…
  ☆105Updated last month
• X-Junior / Malware-IDAPython-Scripts
  ☆22Updated 10 months ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆45Updated 2 years ago
• waldo-irc / MalMemDetect
  Detect strange memory regions and DLLs
  ☆181Updated 3 years ago
• WesleyWong420 / Build-Your-Own-LOLBins
  A post-exploitation toolkit to simulate the weaponization and detection of native Windows binaries based on LOLBas framework.
  ☆25Updated last year
• ethereal-vx / Persistence
  Recreating and reviewing the Windows persistence methods
  ☆37Updated 3 years ago
• hasherezade / shellc_encoder
  Standalone Metasploit-like XOR encoder for shellcode
  ☆47Updated 10 months ago
• daddycocoaman / dumpscan
  Finding secrets in kernel and user memory
  ☆115Updated last year
• 0x534a / dynmx
  Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!
  ☆82Updated last year
• ucsb-seclab / popkorn-artifact
  ☆67Updated 2 years ago
• RedTeamOperations / VEH-PoC
  ☆112Updated 2 years ago
• Hagrid29 / herpaderply_hollowing
  Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping
  ☆54Updated 2 years ago
• ScriptIdiot / SysmonQuiet
  RDLL for Cobalt Strike beacon to silence sysmon process
  ☆87Updated 2 years ago
• h3xduck / Umbra
  A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…
  ☆122Updated 3 years ago
• DGRonpa / Process_Injection
  ☆28Updated 3 years ago
• riskydissonance / SyscallsExample
  Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode.
  ☆74Updated 3 years ago
• y11en / FOLIAGE
  Experiment on reproducing Obfuscate & Sleep
  ☆143Updated 4 years ago
• thewhiteninja / deobshell
  Powershell script deobfuscation using AST in Python
  ☆65Updated last year
• shogunlab / Mochi
  Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.
  ☆99Updated 3 years ago
• dobin / avred-server
  The AMSI server for Avred
  ☆29Updated last year
• mrexodia / lolbin-poc
  Small PoC of using a Microsoft signed executable as a lolbin.
  ☆136Updated 2 years ago