Alternatives and similar repositories for mayhem

Users that are interested in mayhem are comparing it to the libraries listed below

• mandiant / flare-qdb
  Command-line and Python debugger for instrumenting and modifying native software behavior on Windows and Linux.
  ☆163Updated 2 years ago
• hegusung / AVSignSeek
  Tool written in python3 to determine where the AV signature is located in a binary/payload
  ☆313Updated 7 years ago
• 1111joe1111 / ida_ea
  A set of exploitation/reversing aids for IDA
  ☆421Updated 7 years ago
• bee13oy / AV_Kernel_Vulns
  Pocs for Antivirus Software‘s Kernel Vulnerabilities
  ☆263Updated 7 years ago
• therealdreg / anticuckoo
  A tool to detect and crash Cuckoo Sandbox
  ☆293Updated 9 months ago
• FSecureLABS / win_driver_plugin
  A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.
  ☆434Updated 6 years ago
• BromiumLabs / PackerAttacker
  C++ application that uses memory and code hooks to detect packers
  ☆270Updated 7 years ago
• WinHeapExplorer / WinHeap-Explorer
  WinHeap Explorer repository.
  ☆119Updated 6 years ago
• BreakingMalware / PowerLoaderEx
  PowerLoaderEx - Advanced Code Injection Technique for x32 / x64
  ☆368Updated 8 years ago
• Darkabode / zerokit
  Zerokit/GAPZ rootkit (non buildable and only for researching)
  ☆182Updated 6 years ago
• tinysec / windows-syscall-table
  windows syscall table from xp ~ 10 rs4
  ☆353Updated 6 years ago
• sensepost / gdi-palettes-exp
  DC25 5A1F - Demystifying Windows Kernel Exploitation by Abusing GDI Objects
  ☆145Updated 7 years ago
• orppra / ropa
  GUI tool to create ROP chains using the ropper API
  ☆156Updated 7 years ago
• gpoulios / ROPInjector
  Patching ROP-encoded shellcodes into PEs
  ☆185Updated 7 years ago
• Antonin-Deniau / cave_miner
  Search for code cave in all binaries
  ☆280Updated 10 months ago
• K2 / EhTrace
  ATrace is a tool for tracing execution of binaries on Windows.
  ☆238Updated 8 years ago
• Rootkitsmm-zz / Win32k-Fuzzer
  Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based )
  ☆132Updated 9 years ago
• bruce30262 / TWindbg
  PEDA-like debugger UI for WinDbg
  ☆204Updated last year
• kokjo / universalrop
  Small tool for generating ropchains using unicorn and z3
  ☆198Updated 7 years ago
• 0xAlexei / WindowsDefenderTools
  Tools for instrumenting Windows Defender's mpengine.dll
  ☆295Updated 6 years ago
• Spajed / processrefund
  An attempt at Process Doppelgänging
  ☆182Updated 7 years ago
• BorjaMerino / Pazuzu
  Pazuzu: Reflective DLL to run binaries from memory
  ☆215Updated 4 years ago
• EgeBalci / Cminer
  Cminer is a tool for enumerating the code caves in PE files.
  ☆150Updated 2 years ago
• MarioVilas / winappdbg
  WinAppDbg Debugger
  ☆459Updated last year
• DavidKorczynski / RePEconstruct
  ☆91Updated 8 years ago
• x64dbg / mona
  Fork of mona.py with x64dbg support
  ☆104Updated 3 years ago
• tandasat / DotNetHooking
  Sample use cases of the .NET native code hooking technique
  ☆211Updated 7 years ago
• PyAna / PyAna
  PyAna - Analyzing the Windows shellcode
  ☆246Updated 9 years ago
• ivildeed / vmw_vmx_overloader
  Loading unsigned code into kernel in Windows 10 (64) with help of VMware Workstation Pro/Player design flaw
  ☆135Updated 8 years ago
• Phat3 / PINdemonium
  A pintool in order to unpack malware
  ☆233Updated 8 years ago