Alternatives and similar repositories for awesome-sandbox-evasion

Users that are interested in awesome-sandbox-evasion are comparing it to the libraries listed below

• RiccardoAncarani / GPOPowerParser

  View on GitHub
  A script that parses PowerView's output for GPO analysis. Integrated into bloodhound to find misconfigurations of URA, SMB signing etc
  ☆15Feb 9, 2020Updated 6 years ago
• H4xl0r / Necro-Stealer

  View on GitHub
  ☣️ Necro Stealer + Web Panel
  ☆10May 2, 2020Updated 5 years ago
• shantanu561993 / heroku-reverse-proxy

  View on GitHub
  Spin up a reverse proxy quickly on Heroku
  ☆15Dec 5, 2020Updated 5 years ago
• xen0vas / XDNR

  View on GitHub
  XDNR is a X0R Cryptor along with DEC/N0T/R0R encoder plus random byte insertion encoder, that generates null free encrypted and encoded s…
  ☆17Jul 12, 2022Updated 3 years ago
• airbus-cert / vbSparkle

  View on GitHub
  VBScript & VBA source-to-source deobfuscator with partial-evaluation
  ☆80Aug 7, 2024Updated last year
• NtRaiseHardError / NtRaiseHardError.github.io

  View on GitHub
  Build a Jekyll blog in minutes, without touching the command line.
  ☆16Dec 6, 2018Updated 7 years ago
• dnoiz1 / git-money

  View on GitHub
  A tool for enumerating and retrieving exposed git repositories to recover source trees from external environments. Can utilise File Inclu…
  ☆23Aug 20, 2020Updated 5 years ago
• Perfectdotexe / Perfect-Malware-Samples

  View on GitHub
  Fresh malware samples caught in the wild daily from random places. 🎣
  ☆19Jun 27, 2019Updated 6 years ago
• d35ha / RunPE

  View on GitHub
  An example of PE hollowing injection technique
  ☆25Jun 28, 2019Updated 6 years ago
• 0x25bit / darkrat

  View on GitHub
  DarkRat source - beware untested source and resources.
  ☆21Dec 7, 2019Updated 6 years ago
• Noxtal / tetrodotoxin

  View on GitHub
  A Rust malware controlled by a Go web interface, API and socket server.
  ☆10Aug 22, 2022Updated 3 years ago
• horsicq / YARA-sort

  View on GitHub
  Yara sort
  ☆13Updated this week
• F-Society-Freaks / exeJoinerX

  View on GitHub
  🧿Join your two exe files
  ☆11Jul 14, 2020Updated 5 years ago
• forrest-orr / artifacts-kit

  View on GitHub
  Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windo…
  ☆233Mar 18, 2024Updated last year
• thewhiteninja / socksme

  View on GitHub
  Socks 5 proxy
  ☆12Aug 5, 2023Updated 2 years ago
• craids / AresFramework

  View on GitHub
  Win32 PE Anti-RE and Anti-debugging Framework
  ☆13May 14, 2019Updated 6 years ago
• xiaobo93 / UnModule_shellcode_Inject

  View on GitHub
  无模块注入工程 VS2008
  ☆11Jul 23, 2018Updated 7 years ago
• cocomelonc / 2022-05-02-malware-pers-3

  View on GitHub
  Malware persistence via COM DLL hijacking. C++ implementation example
  ☆13May 2, 2022Updated 3 years ago
• Darkabode / 0lib

  View on GitHub
  Zerokit shared code
  ☆17Mar 28, 2019Updated 6 years ago
• b1gbroth3r / red-team-infrastructure-example

  View on GitHub
  A basic Terraform configuration for provisioning simple red team infrastructure in DigitalOcean
  ☆12May 5, 2021Updated 4 years ago
• 0x00-0x00 / CVE-2019-1064

  View on GitHub
  CVE-2019-1064 Local Privilege Escalation Vulnerability
  ☆11Jun 12, 2019Updated 6 years ago
• cocomelonc / 2022-01-24-malware-injection-15

  View on GitHub
  Process injection via KernelCallbackTable
  ☆13Jan 28, 2022Updated 4 years ago
• sapphirex00 / Threat-Hunting

  View on GitHub
  Personal compilation of APT malware from whitepaper releases, documents and own research
  ☆266Feb 7, 2019Updated 7 years ago
• d35ha / PE2Shellcode

  View on GitHub
  Convert PE files to a shellcode
  ☆81May 7, 2020Updated 5 years ago
• crisprss / magicNetdefs

  View on GitHub
  Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…
  ☆49Jun 21, 2022Updated 3 years ago
• shantanu561993 / ParentProcessIDSpoof

  View on GitHub
  Spoof parent process ID
  ☆13Jan 23, 2019Updated 7 years ago
• sandmaxprime / VagrantMalwareWin10VM

  View on GitHub
  Vagrant Files to create a Virtualbox VM for Malware Analysis
  ☆13Jun 1, 2021Updated 4 years ago
• Criper98 / DOSrat

  View on GitHub
  DOSrat by Criper98 ~ Un Remote Administrator Tool in ITA per Windows
  ☆10Oct 14, 2022Updated 3 years ago
• eLoopWoo / kernel-drivers-windows

  View on GitHub
  Modify data structures in the Windows kernel, hiding processes by PID
  ☆16Oct 29, 2017Updated 8 years ago
• TestingPens / CPLDropper

  View on GitHub
  A Control Panel Applet dropper project. It has a high success rate on engagements since nobody cares about .CPL files and you can just do…
  ☆53May 31, 2018Updated 7 years ago
• ScriptKiddieTutorials / Bypass-UAC

  View on GitHub
  PoCs of (outdated) privilege escalation vulnerability
  ☆12Dec 31, 2024Updated last year
• w1ld3r / SMBGhost_Scanner

  View on GitHub
  Advanced scanner for CVE-2020-0796 - SMBv3 RCE
  ☆15May 22, 2023Updated 2 years ago
• ninoseki / ioc-extractor

  View on GitHub
  An npm package for extracting common IoC (Indicator of Compromise) from a block of text
  ☆59Oct 5, 2025Updated 4 months ago
• ThisIsLibra / MalPull

  View on GitHub
  A multi-threaded malware sample downloader based upon given MD-5/SHA-1/SHA-256 hashes, using multiple malware databases.
  ☆30Apr 14, 2023Updated 2 years ago
• SolomonSklash / SeasideBishop

  View on GitHub
  A C port of b33f's UrbanBishop
  ☆38Oct 1, 2020Updated 5 years ago
• sneakerhax / C2PE

  View on GitHub
  Red Team C2 and Post Exploitation code
  ☆34Jul 8, 2025Updated 7 months ago
• techtocore / Cpp-Guard

  View on GitHub
  A platform independent C++ code obfuscator.
  ☆13Jul 20, 2019Updated 6 years ago
• f0wl / zipExec_unpack

  View on GitHub
  Unpacking tool for the zipExec Crypter
  ☆14Oct 30, 2021Updated 4 years ago
• rasta-mouse / AsyncSockets

  View on GitHub
  Example of async client/server sockets in .NET 5
  ☆17Jun 9, 2021Updated 4 years ago