Alternatives and similar repositories for hollowise

Users that are interested in hollowise are comparing it to the libraries listed below

• BlackSnufkin / CheckPlz
  Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.
  ☆19Updated 5 months ago
• naacbin / CovenantDecryptor
  ☆20Updated last year
• LambdaMamba / LenaMalwareAnalysis
  Lena's scripts/code/resources for malware analysis
  ☆27Updated last year
• olafhartong / PockETWatcher
  a tiny program to consume from ETW providers for research
  ☆49Updated 5 months ago
• RWXstoned / GimmeShelter
  Situational Awareness script to identify how and where to run implants
  ☆52Updated 6 months ago
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆38Updated 11 months ago
• FarghlyMal / Config-Extractors
  ☆27Updated 6 months ago
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆41Updated 9 months ago
• outflanknl / Training-MSOfficeOffensiveTradecraft
  Info related to the Outflank training: Microsoft Office Offensive Tradecraft
  ☆52Updated last year
• cod3nym / Ghosting-AMSI
  Ghosting-AMSI
  ☆17Updated last month
• eversinc33 / TriageMCP
  Vibe Malware Triage - MCP server for static PE analysis.
  ☆63Updated last month
• MazX0p / CobaltSentry
  ☆24Updated 4 months ago
• eric-conrad / c2-talk
  ☆37Updated last year
• OtterHacker / Hooker
  ☆107Updated 7 months ago
• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆80Updated 9 months ago
• 0x4141414141 / Malware-Devlopment
  Work in progress experiments with reverse shells, AV bypass and extraction of secrets from memory in C
  ☆39Updated 5 years ago
• naksyn / talks
  Repo containing my public talks
  ☆23Updated 2 years ago
• DISREL / Conti-Leaked-Playbook-TTPs
  MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
  ☆38Updated 3 years ago
• mttaggart / quasar
  quASAR: ASAR manipulation made easy
  ☆38Updated 2 years ago
• nafiez / DataBlockNTLMLeak
  Windows Shell Link (LNK) Proof of Concept
  ☆15Updated 3 weeks ago
• Slowerzs / KeyJumper
  ☆48Updated 2 months ago
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated 10 months ago
• joe-desimone / rep-research
  ☆75Updated 10 months ago
• hasherezade / pesieve-go
  Golang bindings for PE-sieve
  ☆43Updated last year
• som3canadian / Mythic_NimSyscallPacker_Wrapper
  Mythic C2 wrapper for NimSyscallPacker
  ☆25Updated 3 months ago
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆27Updated last year
• 0x534a / dynmx
  Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!
  ☆83Updated last year
• rtfmkiesel / loldrivers-client
  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
  ☆82Updated last year
• Pascal-0x90 / sideloadr
  Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).
  ☆57Updated 2 years ago
• 0xNinjaCyclone / IATUnhooker
  IAT Unhooking proof-of-concept
  ☆29Updated last year