343 Open source projects that are alternatives of or similar to Process_doppelganging

Automatic analysis of SWF files based on some heuristics. Extensible via plugins.

An obfuscation tool for Windows which instruments the Windows Loader into acting as an unpacking engine.

Python network worm that spreads on the local network and gives the attacker control of these machines.

Vxheaven.org website's mirror

Various scripts for different malware families

Detect silent (unwanted) changes to files on your system

Cuckoo Sandbox plugin for extracts configuration data of known malware

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windows OS.

Program Uses Thread Execution Hijacking To Inject Native Shell-code Into a Standard Win32 Application

Malware Behavior Analyzer

To block the malware domains of coin-hive systemwide.

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

Automatically updated, moderated and optimized lists for blocking ads, trackers, malware and other garbage

Anteater - CI/CD Gate Check Framework

Let's make an annoyance free, better open internet, altogether!

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do

💻⚠️ A curated collection of awesome malware, botnets, and other post-exploitation tools.

Pythonic ransomware proof of concept.

A collection of scripts I've written to help red and blue teams with malware persistence techniques.

A C/C++ implementation of Microsoft's Antimalware Scan Interface

Python Ransomware Tutorial - YouTube tutorial explaining code + showcasing the ransomware with victim/target roles

DDoor - cross platform backdoor using dns txt records

A powerful C keylogger for Windows.

🧠 🦠 An artificial neural network and API to detect Windows malware, based on Ergo and LIEF.

A collection of hacking / penetration testing resources to make you better!

DNS filter-/blocklists | safe. private. clean. browsing!

Free Malware Training Datasets for Machine Learning

This repository contains a list of all web sites I come across that are either hacked with or purposefully hosting malware, ransomware, viruses or trojans.

A merged collection of hosts from reputable sources. #StayEnergized!

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing

www.rootkit.com users section mirror, sql database dump, and a few other files/rootkits.

AMWScan (PHP Antimalware Scanner) is a free tool to scan php files and analyze your project to find any malicious code inside it.

Awesome hacking is an awesome collection of hacking tools.

ipsets dynamically updated with firehol's update-ipsets.sh script

Green-hat-suite is a tool to generate meterpreter/shell which could evade antivirus.

Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provided are code samples, signature recommendations and countermeasures within each category for the described techniques.

a simple hidden silent XMR miner.

Wolves Among the Sheep

Wifiphisher is a rogue Access Point framework for conducting red team engagements or Wi-Fi security testing. Using Wifiphisher, penetration testers can easily achieve a man-in-the-middle position against wireless clients by performing targeted Wi-Fi association attacks. Wifiphisher can be further used to mount victim-customized web phishing attacks against the connected clients in order to capture credentials (e.g. from third party login pages or WPA/WPA2 Pre-Shared Keys) or infect the victim stations with malwares.

Domains Blocklist for Squid-Cache

🔥 Modern command line tool for malware creation on Windows

Automated Use Case Testing

Extensible Red Team Framework

Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders

IlluminateJS is a static JavaScript deobfuscator

Runtime memory analysis framework to identify Android malware

A ctypes powered python keylogger.

Repository containting original and decompiled files of TRISIS/TRITON/HATMAN malware

Seven different DLL injection techniques in one single project.

Keep track of the labs from the book "Practical Malware Analysis"

Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, ThreatCrowd, Valhalla, Malware Bazaar, ThreatFox and it is able to scan Android devices against VT and HA.

A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.

Basic Multiplatform Remote Administration Tool - Xamarin

Qiling Advanced Binary Emulation Framework

Quickly and easily install, uninstall, and set up automatic updates for any of Steven Black's unified hosts files.

Sandbox for automated Linux malware analysis.

Rootkits | Backdoors | Sniffers | Virus | Ransomware | Steganography | Cryptography | Shellcodes | Webshells | Keylogger | Botnets | Worms | Other Network Tools

A ransomware developed in python, with bypass technics, for educational purposes.