rootkit-io/awesome-malware-development external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

rootkit-io/awesome-malware-development

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/rootkit-io/awesome-malware-development)

Close

rootkit-io / awesome-malware-developmentView on GitHubMore

• External links
• Readme badge

Curated resources for malware analysis, reverse engineering, and defensive security research.

☆1,726Apr 1, 2026Updated last month

Alternatives and similar repositories for awesome-malware-development

Users that are interested in awesome-malware-development are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• chvancooten / maldev-for-dummies

  View on GitHub
  A workshop about Malware Development
  ☆1,783Jun 2, 2023Updated 2 years ago
• vxunderground / VX-API

  View on GitHub
  Collection of various malicious functionality to aid in malware development
  ☆1,891Feb 28, 2024Updated 2 years ago
• CodeXTF2 / maldev-links

  View on GitHub
  My collection of malware dev links
  ☆317Feb 9, 2026Updated 3 months ago
• rootkit-io / malware-and-exploitdev-resources

  View on GitHub
  ☆69Jul 26, 2021Updated 4 years ago
• Idov31 / Nidhogg

  View on GitHub
  Windows rootkit for Intel x64 with 25+ features, demonstrating rootkit techniques compatible with all Windows 10 and Windows 11 versions.
  ☆2,327Feb 15, 2026Updated 3 months ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• cr-0w / maldev

  View on GitHub
  ⚠️ malware development
  ☆700May 15, 2026Updated last week
• matro7sh / BypassAV

  View on GitHub
  This map lists the essential techniques to bypass anti-virus and EDR
  ☆3,261Mar 28, 2025Updated last year
• vxunderground / VXUG-Papers

  View on GitHub
  Research code & papers from members of vx-underground.
  ☆1,383Dec 7, 2021Updated 4 years ago
• Whitecat18 / Rust-for-Malware-Development

  View on GitHub
  Rust for malware Development is a repository for advanced Red Team techniques and offensive malwares & Ransomwares, focused on Rust 🦀
  ☆3,494May 5, 2026Updated 2 weeks ago
• redcode-labs / Coldfire

  View on GitHub
  Golang malware development library
  ☆979Dec 13, 2024Updated last year
• trickster0 / OffensiveRust

  View on GitHub
  Rust Weaponization for Red Team Engagements.
  ☆3,007Apr 25, 2024Updated 2 years ago
• klezVirus / inceptor

  View on GitHub
  Template-Driven AV/EDR Evasion Framework
  ☆1,798Nov 3, 2023Updated 2 years ago
• outflanknl / C2-Tool-Collection

  View on GitHub
  A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…
  ☆1,389Oct 27, 2023Updated 2 years ago
• matthieu-hackwitharts / Win32_Offensive_Cheatsheet

  View on GitHub
  Win32 and Kernel abusing techniques for pentesters
  ☆978Sep 3, 2023Updated 2 years ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• vxunderground / MalwareSourceCode

  View on GitHub
  Collection of malware source code for a variety of platforms in an array of different programming languages.
  ☆18,233Sep 10, 2025Updated 8 months ago
• Cracked5pider / Stardust

  View on GitHub
  A modern 32/64-bit position independent implant template
  ☆1,333Mar 21, 2025Updated last year
• lsecqt / OffensiveCpp

  View on GitHub
  This repo contains C/C++ snippets that can be handy in specific offensive scenarios.
  ☆765Jan 26, 2025Updated last year
• klezVirus / SysWhispers3

  View on GitHub
  SysWhispers on Steroids - AV/EDR evasion via direct system calls.
  ☆1,638Jul 31, 2024Updated last year
• packing-box / awesome-executable-packing

  View on GitHub
  A curated list of awesome resources related to executable packing
  ☆1,576Feb 14, 2026Updated 3 months ago
• wavestone-cdt / EDRSandblast

  View on GitHub
  ☆1,815Aug 30, 2024Updated last year
• FULLSHADE / WindowsExploitationResources

  View on GitHub
  Resources for Windows exploit development
  ☆1,654Dec 20, 2021Updated 4 years ago
• HavocFramework / Havoc

  View on GitHub
  The Havoc Framework
  ☆8,361Dec 18, 2025Updated 5 months ago
• VirtualAlllocEx / DEFCON-31-Syscalls-Workshop

  View on GitHub
  Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
  ☆760May 23, 2025Updated 11 months ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• lem0nSec / ShellGhost

  View on GitHub
  A memory-based evasion technique which makes shellcode invisible from process start to end.
  ☆1,199Oct 16, 2023Updated 2 years ago
• TheWover / donut

  View on GitHub
  Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…
  ☆4,590Jul 8, 2025Updated 10 months ago
• Maldev-Academy / HellHall

  View on GitHub
  Performing Indirect Clean Syscalls
  ☆612May 2, 2026Updated 2 weeks ago
• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,016Jun 4, 2024Updated last year
• optiv / Freeze

  View on GitHub
  Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
  ☆1,472Aug 18, 2023Updated 2 years ago
• aahmad097 / AlternativeShellcodeExec

  View on GitHub
  Alternative Shellcode Execution Via Callbacks
  ☆1,719Nov 11, 2022Updated 3 years ago
• MalwareApiLib / MalwareApiLibrary

  View on GitHub
  collection of apis used in malware development
  ☆231Aug 2, 2022Updated 3 years ago
• optiv / ScareCrow

  View on GitHub
  ScareCrow - Payload creation framework designed around EDR bypass.
  ☆2,881Aug 18, 2023Updated 2 years ago
• XaFF-XaFF / Black-Angel-Rootkit

  View on GitHub
  Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.
  ☆686Nov 9, 2023Updated 2 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• memN0ps / venom-rs

  View on GitHub
  Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)
  ☆366Mar 2, 2024Updated 2 years ago
• BishopFox / sliver

  View on GitHub
  Adversary Emulation Framework
  ☆11,206May 7, 2026Updated 2 weeks ago
• paranoidninja / 0xdarkvortex-MalwareDevelopment

  View on GitHub
  This repo will contain code snippets for blogs: Malware on Steroids written by me at https://scriptdotsh.com/index.php/category/malware-d…
  ☆201Jul 21, 2020Updated 5 years ago
• tkmru / awesome-edr-bypass

  View on GitHub
  Awesome EDR Bypass Resources For Ethical Hacking
  ☆1,528Jan 26, 2026Updated 3 months ago
• Orange-Cyberdefense / GOAD

  View on GitHub
  game of active directory
  ☆7,818Mar 12, 2026Updated 2 months ago
• Xacone / BestEdrOfTheMarket

  View on GitHub
  EDR Lab for Experimentation Purposes
  ☆1,452Mar 1, 2026Updated 2 months ago
• daem0nc0re / TangledWinExec

  View on GitHub
  PoCs and tools for investigation of Windows process execution techniques
  ☆959Feb 2, 2026Updated 3 months ago