Alternatives and similar repositories for VerifyELF

Users that are interested in VerifyELF are comparing it to the libraries listed below

• shlyuz / implant_go
  Golang Shlyuz Implant Implementation
  ☆13Updated 6 months ago
• therealunicornsecurity / tricard
  Tricard - Malware Sandbox Fingerprinting
  ☆22Updated 2 years ago
• airbus-seclab / nbutools
  Tools for offensive security of NetBackup infrastructures
  ☆42Updated 2 years ago
• vyrus001 / ebowla-2
  reboot of https://github.com/Genetic-Malware/Ebowla in order to simplify / modernize the codebase and provide ongoing support
  ☆23Updated 4 years ago
• xpcmdshell / electron-probe
  ☆31Updated 4 years ago
• codewhitesec / apollon
  Proof-of-Concept to evade auditd by writing /proc/PID/mem
  ☆23Updated 2 years ago
• codewhitesec / daphne
  Proof-of-Concept to evade auditd by tampering via ptrace
  ☆18Updated 2 years ago
• nccgroup / UninstalledAppCanary
  A Canary which fires when uninstalled
  ☆34Updated 4 years ago
• synacktiv / pcapan
  A pcap capture analysis helper
  ☆25Updated 2 years ago
• riesha / drv-vuln-scanner
  Finds imports that could be exploited, still requires manual analysis.
  ☆29Updated 3 years ago
• keyboardcrunch / sentinelone_usbscan
  A custom SentinelOne USB scanner.
  ☆18Updated 3 years ago
• shlyuz / teamserver
  ☆12Updated 3 years ago
• peasead / windows-sandbox-to-elastic
  Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud.
  ☆50Updated 2 years ago
• hotnops / AzureScripts
  Random scripts for azure stuff
  ☆12Updated 3 years ago
• asaurusrex / MachoBins
  ☆15Updated 3 years ago
• Iansus / DllProxy
  ☆17Updated 2 years ago
• Scorpion-Security-Labs / OpenHashAPI
  OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…
  ☆14Updated last year
• bartblaze / DotNet-MetaData
  Identifies metadata of .NET binary files.
  ☆21Updated last year
• Syslifters / split-bloodhound
  ☆18Updated 2 years ago
• monoxgas / minibus
  Remote code execution in Power Platform connectors via JSON deserialization
  ☆23Updated 2 years ago
• sourcefrenchy / DEFCON-30---Exotic-Data-Exfiltration
  Slides from my talk at the Adversary Village, Defcon 30
  ☆29Updated 3 years ago
• whichbuffer / Antidebug
  Defeating Anti-Debugging Techniques for Malware Analysis
  ☆13Updated 3 years ago
• mlcsec / SigFinder
  Identify binaries with Authenticode digital signatures signed to an internal CA/domain
  ☆40Updated last year
• nccgroup / mimikatz-detector-busylight
  USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec…
  ☆20Updated 3 years ago
• Retrospected / kerbmon
  Continuous kerberoast monitor
  ☆45Updated 2 years ago
• WithSecureLabs / AMSIDetection
  AMSI detection PoC
  ☆31Updated 5 years ago
• sensepost / cipherchecks
  visually see issues with supported cipher suites
  ☆17Updated last year
• Permiso-io-tools / DetentionDodger
  ☆17Updated 10 months ago
• magisterquis / lutlol
  Living Under the Land on Linux ~ BSides Belfast 2025
  ☆37Updated 2 weeks ago
• jfmaes / Emulation-Workshop
  The repository accompanying the Buer Emulation workshop
  ☆23Updated 4 years ago