This is a practice VM for malware development
☆180 · Nov 17, 2025 · Updated 3 months ago
Alternatives and similar repositories for MaleficentVM
Users that are interested in MaleficentVM are comparing it to the libraries listed below
- Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays – all in a single command (14 output formats supporte… ☆211 · Sep 20, 2025 · Updated 5 months ago
- macOS persistence mechanism scanner with code signature verification and timeline tracking. ☆203 · Dec 20, 2025 · Updated 2 months ago
- Create tar/zip archives that try to exploit zipslip vulnerability. ☆48 · Sep 20, 2024 · Updated last year
- Manage Shadow Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11 ☆84 · Jan 26, 2026 · Updated last month
- What's the Red Team doing to my Linux Box? - BSides Vienna 2024 ☆17 · Nov 23, 2024 · Updated last year
- Detonate malware on VMs and get logs & detection status ☆84 · Jan 29, 2026 · Updated last month
- PowerShell SharePoint extraction + auditing tool for red/blue/purple teams. Enumerates all SharePoint sites/drives a user can access via … ☆114 · Jan 25, 2026 · Updated last month
- A Control Panel Applet dropper project. It has a high success rate on engagements since nobody cares about .CPL files and you can just do… ☆53 · May 31, 2018 · Updated 7 years ago
- A portable C# utility for enumerating local and remote Windows sessions ☆56 · Jan 1, 2026 · Updated 2 months ago
- .NET tool used to enrich RPC telemetry ☆101 · Jan 24, 2026 · Updated last month
- Harden your Windows OS against forensic analysis ☆25 · Nov 27, 2024 · Updated last year
- Purple-team telemetry & simulation toolkit. ☆108 · Dec 16, 2025 · Updated 2 months ago
- Proper ntdll .text section unhooking via native API. Unlike other unhookers, this doesn't leave 2 ntdlls loaded. x86/x64/wow64 supported. ☆53 · Dec 9, 2025 · Updated 2 months ago
- This repo is for Windows x32-x64 Kernel/User Mode Exploitation writeups and exploits ☆24 · Oct 20, 2025 · Updated 4 months ago
- Leveraging AWS Lambda Function URLs for C2 Redirection ☆45 · Aug 30, 2023 · Updated 2 years ago
- The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments. ☆460 · Feb 25, 2026 · Updated last week
- SVG Analysis and generation tools for commonly seen SVG attachment phishing ☆55 · Sep 24, 2025 · Updated 5 months ago
- Proof-of-Concept tool for extracting NTLMv1 hashes from sessions on modern Windows systems. ☆616 · Oct 27, 2025 · Updated 4 months ago
- A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes. ☆260 · Sep 23, 2025 · Updated 5 months ago
- Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but fo… ☆167 · Oct 21, 2025 · Updated 4 months ago
- Code Coverage client for DynamoRIO ☆12 · Jan 20, 2019 · Updated 7 years ago
- Advanced PoC & Research for CVE-2026-0828 (Safetica) and CVE-2025-7771 (ThrottleStop). Analysis of BYOVD (Bring Your Own Vulnerable Drive… ☆26 · Feb 4, 2026 · Updated last month
- Hunt Smarter, Hunt Harder ☆140 · Jan 12, 2026 · Updated last month
- This PowerShell script applies a memory patch to bypass the Antimalware Scan Interface (AMSI), allowing unrestricted execution of PowerSh… ☆14 · Jun 2, 2024 · Updated last year
- Covert data exfiltration via DNS ☆51 · Feb 8, 2025 · Updated last year
- A lightweight Python 3 Nmap wrapper that doesn't try too hard. Gracefully handles any Nmap command, providing access to all output types … ☆16 · Jan 13, 2022 · Updated 4 years ago
- A C and Go /proc/pid/maps cloak of invisibility for shared object files ☆21 · Nov 19, 2025 · Updated 3 months ago
- A small Go harness that uses Ollama to orchestrate LLMs in a restricted process flow ☆16 · Sep 10, 2024 · Updated last year
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does ☆95 · Jul 3, 2025 · Updated 8 months ago