Alternatives and similar repositories for Malware-Development

Users that are interested in Malware-Development are comparing it to the libraries listed below

• Offensive-Panda / DefenseEvasionTechniques
  This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…
  ☆125Updated 2 months ago
• Maldev-Academy / GhostlyHollowingViaTamperedSyscalls
  Implementing the ghostly hollowing PE injection technique using tampered syscalls.
  ☆168Updated 4 months ago
• XaFF-XaFF / CaveCarver
  CaveCarver - PE backdooring tool which utilizes and automates code cave technique
  ☆228Updated 2 years ago
• CyberSecurityUP / Offensive-Windows-Drivers-Development
  ☆160Updated 5 months ago
• Maldev-Academy / Christmas
  ☆260Updated last year
• ZeroMemoryEx / CVE-2025-26125
  (0day) Local Privilege Escalation in IObit Malware Fighter
  ☆145Updated 4 months ago
• cocomelonc / peekaboo
  Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.
  ☆250Updated 9 months ago
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆194Updated last year
• CodeXTF2 / maldev-links
  My collection of malware dev links
  ☆280Updated last month
• pard0p / CallstackSpoofingPOC
  C++ self-Injecting dropper based on various EDR evasion techniques.
  ☆386Updated last year
• florylsk / NtRemoteLoad
  Remote Shellcode Injector
  ☆217Updated last year
• VirtualAlllocEx / Direct-Syscalls-vs-Indirect-Syscalls
  The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
  ☆200Updated last year
• Offensive-Panda / RWX_MEMEORY_HUNT_AND_INJECTION_DV
  Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
  ☆287Updated last year
• TheMalwareGuardian / Bentico
  Early work on Benthic Windows Kernel Rootkit
  ☆54Updated 3 weeks ago
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆88Updated 2 months ago
• d419h / IconJector
  Unorthodox and stealthy way to inject a DLL into the explorer using icons
  ☆324Updated 2 months ago
• ZeroMemoryEx / Bypass-Sandbox-Evasion
  Bypass Malware Sandbox Evasion Ram check
  ☆138Updated 2 years ago
• 0xHossam / KernelCallbackTable-Injection-PoC
  Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…
  ☆230Updated 9 months ago
• ph4nt0mbyt3 / Darkside
  C# AV/EDR Killer using less-known driver (BYOVD)
  ☆180Updated last year
• Maldev-Academy / MaldevAcademyLdr.1
  ☆359Updated last year
• TheMalwareGuardian / Awesome-Bootkits-Rootkits-Development
  A curated compilation of extensive resources dedicated to bootkit and rootkit development.
  ☆69Updated 3 months ago
• dr4k0nia / NixImports
  A .NET malware loader, using API-Hashing to evade static analysis
  ☆209Updated 2 years ago
• kymb0 / Malware_learns
  ☆133Updated 2 years ago
• gharty03 / Conti-Ransomware
  Full source of the Conti Ransomware Including the missing Locker files from the original leak. I have fixed some of the errors intentiona…
  ☆155Updated 2 years ago
• Maldev-Academy / CodeSearchDemo
  ☆40Updated last year
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆75Updated 3 months ago
• SaadAhla / D1rkInject
  Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…
  ☆180Updated 2 years ago
• 0xBinarySl3uth / Malware_Specimens
  This GitHub repository contains benign specimens; however, the techniques demonstrated herein could potentially be exploited for maliciou…
  ☆17Updated last year
• oldboy21 / RflDllOb
  Reflective DLL Injection Made Bella
  ☆230Updated 7 months ago
• ZeroMemoryEx / URootkit
  simple user-mode Rootkit
  ☆104Updated 2 years ago