Alternatives and similar repositories for Malware-Development

Users that are interested in Malware-Development are comparing it to the libraries listed below

• Offensive-Panda / DefenseEvasionTechniques
  This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…
  ☆130Updated 4 months ago
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆98Updated 4 months ago
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆83Updated 5 months ago
• ZeroMemoryEx / CVE-2025-26125
  ( 0day ) Local Privilege Escalation in IObit Malware Fighter
  ☆157Updated 6 months ago
• brosck / Reaper
  「💀」Proof of concept on BYOVD attack
  ☆163Updated 10 months ago
• CyberSecurityUP / Offensive-Windows-Drivers-Development
  ☆160Updated 7 months ago
• XaFF-XaFF / CaveCarver
  CaveCarver - PE backdooring tool which utilizes and automates code cave technique
  ☆230Updated 2 years ago
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆196Updated last year
• Maldev-Academy / Christmas
  ☆261Updated last year
• VirtualAlllocEx / Direct-Syscalls-vs-Indirect-Syscalls
  The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
  ☆210Updated last year
• TheMalwareGuardian / Awesome-Bootkits-Rootkits-Development
  A curated compilation of extensive resources dedicated to bootkit and rootkit development.
  ☆112Updated last month
• oldboy21 / RflDllOb
  Reflective DLL Injection Made Bella
  ☆238Updated 9 months ago
• S12cybersecurity / RatInject
  Rat Inject is C++ Executable to gain Undetectable Persistence in Windows via 4 Registry Keys
  ☆32Updated 2 years ago
• Cracked5pider / CodeCave
  A bunch of scripts and code i wrote.
  ☆145Updated 11 months ago
• ZeroMemoryEx / Bypass-Sandbox-Evasion
  Bypass Malware Sandbox Evasion Ram check
  ☆138Updated 2 years ago
• ph4nt0mbyt3 / Darkside
  C# AV/EDR Killer using less-known driver (BYOVD)
  ☆180Updated last year
• dr4k0nia / NixImports
  A .NET malware loader, using API-Hashing to evade static analysis
  ☆207Updated 2 years ago
• AlteredSecurity / Disable-TamperProtection
  A POC to disable TamperProtection and other Defender / MDE components
  ☆228Updated last year
• Maldev-Academy / LsassHijackingViaReg
  Injecting DLL into LSASS at boot
  ☆140Updated 5 months ago
• florylsk / NtRemoteLoad
  Remote Shellcode Injector
  ☆219Updated 2 years ago
• Maldev-Academy / AlphabeticalPolyShellGen
  Generate an Alphabetical Polymorphic Shellcode
  ☆116Updated last month
• Offensive-Panda / RWX_MEMEORY_HUNT_AND_INJECTION_DV
  Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
  ☆288Updated last year
• cocomelonc / peekaboo
  Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.
  ☆257Updated 11 months ago
• ZeroMemoryEx / APT38-0day-Stealer
  APT38 Tactic PoC for Stealing 0days from security researchers
  ☆320Updated 4 months ago
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆240Updated 9 months ago
• eversinc33 / MalwareAdventurez
  My adventures in learning about different userland malware techniques, such as syscalls, injection, unhooking or sandbox evasion.
  ☆78Updated last year
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆110Updated 2 years ago
• lsecqt / ThreadlessInject-C-Implementation
  This repository implements Threadless Injection in C
  ☆172Updated last year
• pard0p / CallstackSpoofingPOC
  C++ self-Injecting dropper based on various EDR evasion techniques.
  ☆396Updated last year
• CodeXTF2 / maldev-links
  My collection of malware dev links
  ☆290Updated 3 months ago