Alternatives and similar repositories for Malware-Note:

Users that are interested in Malware-Note are comparing it to the libraries listed below

• qwqdanchun / ScreenShot-BOF
  ☆42Updated last year
• ProcessusT / SharpVenoma
  CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution
  ☆42Updated last year
• su1s / encryptor
  Windows shellcode encoding and encrypting tool
  ☆21Updated 2 years ago
• gavz / ExplorerPersist
  Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when …
  ☆83Updated 2 years ago
• Mav3rick33 / ZenLdr
  Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature
  ☆100Updated 2 years ago
• ASkyeye / FilelessRemotePE
  Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique
  ☆63Updated 2 years ago
• c3r3br4t3 / ShadowRDP
  ☆69Updated last year
• ProcessusT / UnhookingDLL
  This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…
  ☆69Updated last year
• florylsk / NtDump
  Indirect NT syscalls LSASS dumper.
  ☆44Updated last year
• qwqdanchun / RainbowSheep
  Change hash for a signed pe
  ☆16Updated last year
• ShadowMccc / MemoryEvasion
  A Cobalt Strike memory evasion loader for redteamers
  ☆99Updated 2 years ago
• LuxNoBulIshit / Smug_Fu3k
  ☆52Updated 3 years ago
• ScriptIdiot / sleepmask_ekko_cfg
  Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process
  ☆44Updated 2 years ago
• Ethicalrat / Evasive-Loader
  Evasive loader to bypass static detection
  ☆58Updated last year
• 7h3w4lk3r / Kill-Floor
  AV/EDR killer using BYOVD technique
  ☆31Updated 6 months ago
• WKL-Sec / Winsocky
  Winsocket for Cobalt Strike.
  ☆98Updated last year
• CodeXTF2 / BusySleepBeacon
  This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…
  ☆34Updated 3 years ago
• Cobalt-Strike / obfuscator-llvm
  ☆53Updated last year
• MastMind / PE-infector
  Crossplatform tool for inject shellcode into .exe and .dll binaries (x86 and x64)
  ☆58Updated 11 months ago
• Octoberfest7 / KillDefender
  A small (Edited) POC to make defender useless by removing its token privileges and lowering the token integrity
  ☆32Updated 2 years ago
• arsium / ShellCodeExec
  My personal shellcode loader
  ☆31Updated 2 years ago
• kyxiaxiang / AV_EDR_EPP_Notes
  ☆47Updated last year
• maxDcb / C2Implant
  Windows C++ Implant for Exploration C2
  ☆29Updated last month
• seahop / titan
  Titan: A generic user defined reflective DLL for Cobalt Strike
  ☆75Updated 2 years ago
• DamonMohammadbagher / NativePayload_PE1
  NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R…
  ☆58Updated last year
• ScriptIdiot / sleepmask_PatchlessHook
  Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW
  ☆84Updated 2 years ago
• battleoverflow / lsass-dump
  Simple LSASS Dumper created using C++ as an alternative to using Mimikatz memory dumper
  ☆54Updated last year
• Yair-Men / Passenger
  ProcExp Driver (Ab)use
  ☆21Updated 2 years ago
• ZeroMemoryEx / Overlord
  abusing Process Hacker driver to terminate other processes (BYOVD)
  ☆82Updated last year
• AzAgarampur / byeintegrity9-uac
  ☆36Updated 2 years ago