Alternatives and similar repositories for Malware-Development

Users that are interested in Malware-Development are comparing it to the libraries listed below

• Offensive-Panda / DefenseEvasionTechniques
  This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…
  ☆129Updated 3 months ago
• Maldev-Academy / GhostlyHollowingViaTamperedSyscalls
  Implementing the ghostly hollowing PE injection technique using tampered syscalls.
  ☆169Updated 5 months ago
• CyberSecurityUP / Offensive-Windows-Drivers-Development
  ☆160Updated 5 months ago
• ZeroMemoryEx / CVE-2025-26125
  (0day) Local Privilege Escalation in IObit Malware Fighter
  ☆148Updated 4 months ago
• XaFF-XaFF / CaveCarver
  CaveCarver - PE backdooring tool which utilizes and automates code cave technique
  ☆228Updated 2 years ago
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆92Updated 2 months ago
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆79Updated 4 months ago
• Offensive-Panda / RWX_MEMEORY_HUNT_AND_INJECTION_DV
  Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
  ☆289Updated last year
• gharty03 / Conti-Ransomware
  Full source of the Conti Ransomware Including the missing Locker files from the original leak. I have fixed some of the errors intentiona…
  ☆156Updated 2 years ago
• ph4nt0mbyt3 / Darkside
  C# AV/EDR Killer using less-known driver (BYOVD)
  ☆179Updated last year
• ZeroMemoryEx / Bypass-Sandbox-Evasion
  Bypass Malware Sandbox Evasion Ram check
  ☆138Updated 2 years ago
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆110Updated last year
• d419h / IconJector
  Unorthodox and stealthy way to inject a DLL into the explorer using icons
  ☆325Updated 3 months ago
• ZeroMemoryEx / APT38-0day-Stealer
  APT38 Tactic PoC for Stealing 0days from security researchers
  ☆316Updated 2 months ago
• oldboy21 / RflDllOb
  Reflective DLL Injection Made Bella
  ☆234Updated 7 months ago
• cocomelonc / peekaboo
  Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.
  ☆254Updated 10 months ago
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆192Updated last year
• Maldev-Academy / Christmas
  ☆260Updated last year
• Maldev-Academy / MaldevAcademyLdr.1
  ☆363Updated last year
• 0xHossam / KernelCallbackTable-Injection-PoC
  Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…
  ☆230Updated 9 months ago
• lsecqt / ThreadlessInject-C-Implementation
  This repository implements Threadless Injection in C
  ☆171Updated last year
• brosck / Reaper
  「💀」Proof of concept on BYOVD attack
  ☆161Updated 8 months ago
• florylsk / NtRemoteLoad
  Remote Shellcode Injector
  ☆218Updated 2 years ago
• VirtualAlllocEx / Direct-Syscalls-vs-Indirect-Syscalls
  The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
  ☆204Updated last year
• Cracked5pider / CodeCave
  A bunch of scripts and code i wrote.
  ☆143Updated 9 months ago
• TheMalwareGuardian / Bentico
  Early work on Benthic Windows Kernel Rootkit
  ☆55Updated last week
• ELMERIKH / PyinMemoryPE
  execute PE in memory Filelessly
  ☆44Updated 6 months ago
• dr4k0nia / NixImports
  A .NET malware loader, using API-Hashing to evade static analysis
  ☆208Updated 2 years ago
• Maldev-Academy / LsassHijackingViaReg
  Injecting DLL into LSASS at boot
  ☆135Updated 3 months ago
• CodeXTF2 / maldev-links
  My collection of malware dev links
  ☆283Updated 2 months ago