sandflysecurity/sandfly-processdecloak external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

sandflysecurity/sandfly-processdecloak

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/sandflysecurity/sandfly-processdecloak)

Close

sandflysecurity / sandfly-processdecloakView on GitHubMore

• External links
• Readme badge

Sandfly Linux Stealth Rootkit Decloaking Utility

☆108Jan 19, 2023Updated 3 years ago

Alternatives and similar repositories for sandfly-processdecloak

Users that are interested in sandfly-processdecloak are comparing it to the libraries listed below

• sandflysecurity / sandfly-file-decloak

  View on GitHub
  Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.
  ☆29Sep 29, 2025Updated 5 months ago
• sandflysecurity / sandfly-entropyscan

  View on GitHub
  Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives …
  ☆167Jun 11, 2024Updated last year
• kyle-phillips / adversarial-tools

  View on GitHub
  A collection of tools adversaries commonly use in an attack.
  ☆14Nov 23, 2024Updated last year
• cado-security / rip_raw

  View on GitHub
  Rip Raw is a small tool to analyse the memory of compromised Linux systems.
  ☆134Jan 31, 2022Updated 4 years ago
• alexander-hanel / asm-examples

  View on GitHub
  Compiled executables of common crypto and encoding algorithms
  ☆16Oct 3, 2023Updated 2 years ago
• sumeshi / evtx2es

  View on GitHub
  A library for fast parse & import of Windows Eventlogs into Elasticsearch.
  ☆86Jun 23, 2025Updated 8 months ago
• StrangerealIntel / DeltaFlare

  View on GitHub
  ☆12Jun 29, 2021Updated 4 years ago
• W3ndige / aurora

  View on GitHub
  Malware similarity platform with modularity in mind.
  ☆80Jul 18, 2021Updated 4 years ago
• darksh3llRU / dark-doh

  View on GitHub
  ☆19Dec 12, 2023Updated 2 years ago
• alexander-hanel / RenameLocalVars

  View on GitHub
  RenameLocalVars is an IDA plugin that renames local variables to something easier to read.
  ☆15Jul 9, 2023Updated 2 years ago
• cecio / EMOTET-2020-Reversing

  View on GitHub
  a State-Machine reversing exercise
  ☆13Apr 22, 2021Updated 4 years ago
• microsoft / MSTIC-Sysmon

  View on GitHub
  Anything Sysmon related from the MSTIC R&D team
  ☆156Jun 8, 2024Updated last year
• zMarch / suspect

  View on GitHub
  suspect is a simple bash triage tool
  ☆19Aug 30, 2018Updated 7 years ago
• P4x1s / CVE-2024-23897

  View on GitHub
  CVE-2024-23897 jenkins-cli
  ☆15Jan 27, 2024Updated 2 years ago
• cado-security / MalwareAnalysis

  View on GitHub
  MalwareAnalysis
  ☆12Dec 19, 2020Updated 5 years ago
• LETHAL-FORENSICS / Collect-MemoryDump

  View on GitHub
  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
  ☆253Oct 29, 2025Updated 4 months ago
• ArsenalRecon / SdbaParser

  View on GitHub
  Parser for Sdba memory pool tags
  ☆21Jul 16, 2021Updated 4 years ago
• 0xrawsec / gene-rules

  View on GitHub
  ☆42Sep 16, 2022Updated 3 years ago
• audibleblink / gorsh

  View on GitHub
  A toy CTF Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface
  ☆87Apr 8, 2025Updated 10 months ago
• Paul-Tew / lifer

  View on GitHub
  Windows link file (shortcuts) examiner
  ☆68Jun 9, 2024Updated last year
• petikvx / malwares-analysis-tools

  View on GitHub
  ☆19Jul 29, 2022Updated 3 years ago
• theevilbit / DuckDockTile

  View on GitHub
  ☆17Sep 29, 2023Updated 2 years ago
• hyp3rlinx / NtFileSins

  View on GitHub
  Windows File Enumeration Intel Gathering Tool.
  ☆17Sep 4, 2023Updated 2 years ago
• g-les / macho_similarity

  View on GitHub
  Conceptual Methods for Finding Commonalities in Macho Files
  ☆12Mar 21, 2024Updated last year
• ancat / egrets

  View on GitHub
  egrets monitors egress
  ☆47Apr 12, 2020Updated 5 years ago
• NVISOsecurity / evtx-hunter

  View on GitHub
  evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
  ☆158Nov 30, 2021Updated 4 years ago
• io-tl / Mara

  View on GitHub
  Mara is a userland pty/tty sniffer
  ☆53Dec 22, 2023Updated 2 years ago
• CiscoCXSecurity / presentations

  View on GitHub
  Presentations from the CX Security Labs team
  ☆35Jul 24, 2025Updated 7 months ago
• cbasnett / Log-Extractor

  View on GitHub
  ☆28Mar 29, 2022Updated 3 years ago
• yarox24 / EvtxHussar

  View on GitHub
  Initial triage of Windows Event logs
  ☆106Jun 16, 2024Updated last year
• Velocidex / evtx

  View on GitHub
  Golang Parser for Microsoft Event Logs
  ☆105Nov 7, 2025Updated 3 months ago
• timwhitez / Doge-AddSSP

  View on GitHub
  Load ssp dll golang implementation
  ☆19Jan 18, 2022Updated 4 years ago
• enkomio / Sojobo

  View on GitHub
  A binary analysis framework
  ☆133Dec 17, 2020Updated 5 years ago
• StrangerealIntel / CyberThreatIntel

  View on GitHub
  Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups
  ☆723Dec 26, 2022Updated 3 years ago
• intezer / ost-map

  View on GitHub
  ☆21Jul 27, 2020Updated 5 years ago
• carbonblack / active_c2_ioc_public

  View on GitHub
  Active C2 IoCs
  ☆99Nov 28, 2022Updated 3 years ago
• thefLink / Hunt-Sleeping-Beacons

  View on GitHub
  Aims to identify sleeping beacons
  ☆662Jan 25, 2026Updated last month
• airbus-cert / etl-parser

  View on GitHub
  Event Trace Log file parser in pure Python
  ☆150Nov 27, 2020Updated 5 years ago
• optiv / Ivy

  View on GitHub
  Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …
  ☆745Aug 18, 2023Updated 2 years ago