Alternatives and similar repositories for Malware-Development

Users that are interested in Malware-Development are comparing it to the libraries listed below

• Offensive-Panda / DefenseEvasionTechniques
  This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…
  ☆138Updated 7 months ago
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆124Updated 2 weeks ago
• ZeroMemoryEx / CVE-2025-26125
  ( 0day ) Local Privilege Escalation in IObit Malware Fighter
  ☆163Updated 9 months ago
• XaFF-XaFF / CaveCarver
  CaveCarver - PE backdooring tool which utilizes and automates code cave technique
  ☆231Updated 2 years ago
• cocomelonc / peekaboo
  Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.
  ☆279Updated 3 months ago
• Maldev-Academy / Christmas
  ☆259Updated 2 years ago
• VirtualAlllocEx / Direct-Syscalls-vs-Indirect-Syscalls
  The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
  ☆222Updated 2 years ago
• Offensive-Panda / RWX_MEMEORY_HUNT_AND_INJECTION_DV
  Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
  ☆288Updated last year
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆201Updated 2 years ago
• d419h / IconJector
  Inject DLLs into the explorer process using icons
  ☆397Updated 8 months ago
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆90Updated 8 months ago
• ph4nt0mbyt3 / Darkside
  C# AV/EDR Killer using less-known driver (BYOVD)
  ☆182Updated 2 years ago
• ZeroMemoryEx / Bypass-Sandbox-Evasion
  Bypass Malware Sandbox Evasion Ram check
  ☆141Updated 3 years ago
• Maldev-Academy / LsassHijackingViaReg
  Injecting DLL into LSASS at boot
  ☆156Updated 8 months ago
• oldboy21 / RflDllOb
  Reflective DLL Injection Made Bella
  ☆248Updated last year
• 0xNinjaCyclone / AsmLdr
  Dynamic shellcode loader with sophisticated evasion capabilities
  ☆277Updated 3 months ago
• florylsk / NtRemoteLoad
  Remote Shellcode Injector
  ☆221Updated 2 years ago
• CyberSecurityUP / Offensive-Windows-Drivers-Development
  ☆164Updated 10 months ago
• lsecqt / ThreadlessInject-C-Implementation
  This repository implements Threadless Injection in C
  ☆172Updated 2 years ago
• brosck / Reaper
  「💀」Proof of concept on BYOVD attack
  ☆165Updated last year
• captain-woof / malware-study
  My projects to understand malware development and detection. Use responsibly. I'm not responsible if you cause unauthorised damage to any…
  ☆108Updated 7 months ago
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆109Updated 2 years ago
• voidvxvi / HellBunny
  Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
  ☆136Updated last year
• V-i-x-x / kernel-callback-removal
  kernel callback removal (Bypassing EDR Detections)
  ☆210Updated 2 months ago
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆262Updated last year
• Azr43lKn1ght / Rusty-PE-Packer
  A robust Windows Process Executable Packer and Launcher implementation written in Rust for Windows x64 systems.
  ☆40Updated last year
• rtecCyberSec / Packer_Development
  Slides & Code snippets for a workshop held @ x33fcon 2024
  ☆278Updated last year
• pard0p / CallstackSpoofingPOC
  C++ self-Injecting dropper based on various EDR evasion techniques.
  ☆422Updated last year
• AlteredSecurity / Disable-TamperProtection
  A POC to disable TamperProtection and other Defender / MDE components
  ☆252Updated last year
• florylsk / ExecIT
  Execute shellcode files with rundll32
  ☆214Updated last year