Alternatives and similar repositories for Malware-Note

Users that are interested in Malware-Note are comparing it to the libraries listed below

• Mav3rick33 / ZenLdr
  Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature
  ☆100Updated 2 years ago
• ProcessusT / SharpVenoma
  CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution
  ☆45Updated last year
• b4rth0v5k1 / EarlyBirdNTDLL
  ☆36Updated 2 years ago
• CodeXTF2 / BusySleepBeacon
  This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…
  ☆34Updated 3 years ago
• qwqdanchun / ScreenShot-BOF
  ☆42Updated last year
• florylsk / NtDump
  Indirect NT syscalls LSASS dumper.
  ☆44Updated last year
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆24Updated 8 months ago
• fin3ss3g0d / HookFinder
  Simple PoC to locate hooked functions by EDR in ntdll.dll
  ☆36Updated last year
• Yair-Men / Passenger
  ProcExp Driver (Ab)use
  ☆22Updated 2 years ago
• OtterHacker / CoffLoader
  ☆54Updated 2 years ago
• Ethicalrat / Evasive-Loader
  Evasive loader to bypass static detection
  ☆60Updated last year
• Orange-Cyberdefense / EDRSnowblast
  This project is an EDRSandblast fork, adding some features and custom pieces of code.
  ☆23Updated last year
• MaorSabag / interactive-execute-shellcode
  A simple PoC of injection shellcode into a remote process and get the output using namepipe
  ☆42Updated last year
• EvilBytecode / Nyx-Full-Dll-Unhook
  (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.
  ☆31Updated 2 weeks ago
• qwqdanchun / RainbowSheep
  Change hash for a signed pe
  ☆16Updated last year
• ASkyeye / FilelessRemotePE
  Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique
  ☆63Updated 2 years ago
• timwhitez / AddressOfEntryPoint-injection
  x64 version
  ☆34Updated 3 years ago
• Cobalt-Strike / obfuscator-llvm
  ☆53Updated last year
• b1-team / phantom
  A memory-based evasion technique which makes shellcode invisible from process start to end.
  ☆16Updated last year
• ScriptIdiot / sleepmask_ekko_cfg
  Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process
  ☆44Updated 2 years ago
• roadwy / SideloadFinder
  frida based script which automates the process of discovering and exploiting DLL Hijacks in target binaries. The discovered binaries can …
  ☆51Updated 2 years ago
• LuxNoBulIshit / Smug_Fu3k
  ☆53Updated 3 years ago
• gavz / ExplorerPersist
  Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when …
  ☆84Updated 2 years ago
• dis0rder0x00 / ParentProcessManipulation-LNK
  Using LNK files and user input simulation to start processes under explorer.exe
  ☆25Updated 8 months ago
• RixedLabs / IDLE-Abuse
  A method to execute shellcode using RegisterWaitForInputIdle API.
  ☆54Updated 2 years ago
• Aetsu / Neton
  Neton is a tool for getting information from Internet connected sandboxes
  ☆95Updated 2 years ago
• 7h3w4lk3r / RexLdr
  Rex Shellcode Loader for AV/EDR evasion
  ☆31Updated last year
• JetP1ane / Artemis
  Artemis - C++ Hell's Gate Syscall Implementation
  ☆33Updated last year
• kyxiaxiang / AV_EDR_EPP_Notes
  ☆47Updated last year
• maxDcb / C2Implant
  Windows C++ Implant for Exploration C2
  ☆31Updated last week