Alternatives and similar repositories for pcapan

Users that are interested in pcapan are comparing it to the libraries listed below

• codewhitesec / apollon
  Proof-of-Concept to evade auditd by writing /proc/PID/mem
  ☆22Updated last year
• therealunicornsecurity / tricard
  Tricard - Malware Sandbox Fingerprinting
  ☆20Updated last year
• 3sjay / sploits
  some sploits
  ☆17Updated 9 months ago
• codewhitesec / daphne
  Proof-of-Concept to evade auditd by tampering via ptrace
  ☆17Updated last year
• airbus-seclab / nbutools
  Tools for offensive security of NetBackup infrastructures
  ☆41Updated 2 years ago
• shlyuz / implant_go
  Golang Shlyuz Implant Implementation
  ☆13Updated last month
• vysecurity / PacketParser
  A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.
  ☆21Updated last year
• riesha / drv-vuln-scanner
  Finds imports that could be exploited, still requires manual analysis.
  ☆27Updated 2 years ago
• rbmm / Services
  ☆18Updated 6 months ago
• shlyuz / teamserver
  ☆12Updated 3 years ago
• antonioCoco / infosec-talks
  ☆48Updated last year
• xforcered / DayBird
  Extension functionality for the NightHawk operator client
  ☆27Updated last year
• rbmm / ARL
  ☆25Updated 5 months ago
• persistent-security / hermes-the-messenger
  A PoC for achieving persistence via push notifications on Windows
  ☆46Updated 2 years ago
• sqrtZeroKnowledge / Elasticsearch-Exploit-CVE-2023-31419
  Elasticsearch Stack Overflow Vulnerability
  ☆18Updated last year
• fr0gger / shellcode2exe_package
  x64 Windows package of the shellcode2exe tool
  ☆14Updated 4 years ago
• bartblaze / DotNet-MetaData
  Identifies metadata of .NET binary files.
  ☆21Updated last year
• sneakid / DC30-PhineasTalk
  Slides for the talk we presented as UniPi at DefCon's Red Team Village
  ☆23Updated 2 years ago
• Scorpion-Security-Labs / OpenHashAPI
  OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…
  ☆14Updated 8 months ago
• Hexastrike / LockBit-Database-Leak-2025
  Structured CSVs and table schemas extracted from the 29-April-2025 LockBit affiliate-panel database leak.
  ☆24Updated 2 months ago
• SafeBreach-Labs / QuickShell
  A library and a set of tools for exploiting and communicating with Google's Quick Share devices.
  ☆44Updated 3 months ago
• felmoltor / goLAPS
  Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
  ☆31Updated 4 months ago
• kozmer / silentpulse
  single-threaded event driven sleep obfuscation poc for linux
  ☆34Updated last month
• atabetnouhaila / API-hashing
  ☆18Updated 9 months ago
• trustedsec / VerifyELF
  ☆26Updated last year
• FarghlyMal / Config-Extractors
  ☆27Updated 7 months ago
• Teach2Breach / NtCreateUserProcess_rs
  example using NtCreateUserProcess in rust
  ☆19Updated 5 months ago
• hasherezade / pesieve-go
  Golang bindings for PE-sieve
  ☆42Updated last year
• mlcsec / SigFinder
  Identify binaries with Authenticode digital signatures signed to an internal CA/domain
  ☆40Updated last year
• jfmaes / Emulation-Workshop
  The repository accompanying the Buer Emulation workshop
  ☆24Updated 3 years ago