Alternatives and similar repositories for Malware-Development

Users that are interested in Malware-Development are comparing it to the libraries listed below

• Offensive-Panda / DefenseEvasionTechniques
  This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…
  ☆133Updated 7 months ago
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆121Updated 7 months ago
• XaFF-XaFF / CaveCarver
  CaveCarver - PE backdooring tool which utilizes and automates code cave technique
  ☆231Updated 2 years ago
• ZeroMemoryEx / CVE-2025-26125
  ( 0day ) Local Privilege Escalation in IObit Malware Fighter
  ☆163Updated 9 months ago
• CyberSecurityUP / Offensive-Windows-Drivers-Development
  ☆164Updated 9 months ago
• cocomelonc / peekaboo
  Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.
  ☆278Updated 2 months ago
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆202Updated 2 years ago
• oldboy21 / RflDllOb
  Reflective DLL Injection Made Bella
  ☆248Updated 11 months ago
• Maldev-Academy / CodeSearchDemo
  ☆41Updated last year
• lsecqt / BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero
  ☆43Updated last year
• VirtualAlllocEx / Direct-Syscalls-vs-Indirect-Syscalls
  The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
  ☆220Updated last year
• Maldev-Academy / Christmas
  ☆259Updated last year
• TheMalwareGuardian / Bentico
  [ARCHIVED] Early work on Benthic (Windows Kernel Rootkit).
  ☆56Updated 4 months ago
• eversinc33 / MalwareAdventurez
  My adventures in learning about different userland malware techniques, such as syscalls, injection, unhooking or sandbox evasion.
  ☆78Updated last year
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆110Updated 2 years ago
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆90Updated 8 months ago
• ZeroMemoryEx / Bypass-Sandbox-Evasion
  Bypass Malware Sandbox Evasion Ram check
  ☆142Updated 2 years ago
• 0xBinarySl3uth / Malware_Specimens
  This GitHub repository contains benign specimens; however, the techniques demonstrated herein could potentially be exploited for maliciou…
  ☆17Updated last year
• ph4nt0mbyt3 / Darkside
  C# AV/EDR Killer using less-known driver (BYOVD)
  ☆181Updated 2 years ago
• 0xNinjaCyclone / AsmLdr
  Dynamic shellcode loader with sophisticated evasion capabilities
  ☆274Updated 2 months ago
• CodeXTF2 / maldev-links
  My collection of malware dev links
  ☆303Updated 6 months ago
• lem0nSec / KBlast
  Basic interactive Windows kernel offensive toolkit written in C
  ☆134Updated 3 months ago
• Maldev-Academy / LsassHijackingViaReg
  Injecting DLL into LSASS at boot
  ☆155Updated 8 months ago
• Offensive-Panda / RWX_MEMEORY_HUNT_AND_INJECTION_DV
  Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
  ☆288Updated last year
• gharty03 / Conti-Ransomware
  Full source of the Conti Ransomware Including the missing Locker files from the original leak. I have fixed some of the errors intentiona…
  ☆164Updated 2 years ago
• d419h / IconJector
  Inject DLLs into the explorer process using icons
  ☆397Updated 7 months ago
• ghostpepper108 / Evasion
  ☆107Updated 2 years ago
• SaadAhla / PE-Obfuscator
  PE obfuscator with Evasion in mind
  ☆214Updated 2 years ago
• SaadAhla / D1rkInject
  Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…
  ☆183Updated 2 years ago
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆257Updated last year