Alternatives and similar repositories for RdpStrike:

Users that are interested in RdpStrike are comparing it to the libraries listed below

• mertdas / SharpIncrease
  A Tool that aims to evade av with binary padding
  ☆147Updated 9 months ago
• sokaRepo / CoercedPotatoRDLL
  Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege
  ☆204Updated last year
• Ridter / atexec-pro
  Fileless atexec, no more need for port 445
  ☆366Updated last year
• ScriptIdiot / BOF-patchit
  An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are a…
  ☆133Updated 2 years ago
• decoder-it / ADCSCoercePotato
  ☆224Updated 11 months ago
• rweijnen / createdump
  Leverage WindowsApp createdump tool to obtain an lsass dump
  ☆148Updated 7 months ago
• Octoberfest7 / CVE-2023-36874_BOF
  Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE
  ☆204Updated last year
• Cipher7 / ApexLdr
  ApexLdr is a DLL Payload Loader written in C
  ☆108Updated 9 months ago
• Hagrid29 / DuplicateDump
  Dumping LSASS with a duplicated handle from custom LSA plugin
  ☆200Updated 3 years ago
• rasta-mouse / process-inject-kit
  Port of Cobalt Strike's Process Inject Kit
  ☆172Updated 4 months ago
• je5442804 / WPTaskScheduler_CVE-2024-49039
  WPTaskScheduler RPC Persistence & CVE-2024-49039 via Task Scheduler
  ☆119Updated 5 months ago
• Octoberfest7 / DropSpawn_BOF
  CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
  ☆226Updated last year
• VoldeSec / PatchlessInlineExecute-Assembly
  Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
  ☆224Updated 2 years ago
• Cobalt-Strike / sleepmask-vs
  A simple Sleepmask BOF example
  ☆98Updated 7 months ago
• MzHmO / psexec_noinstall
  Repository contains psexec, which will help to exploit the forgotten pipe
  ☆169Updated 5 months ago
• RalfHacker / CVE-2024-26229-exploit
  Windows LPE
  ☆121Updated 10 months ago
• florylsk / ExecIT
  Execute shellcode files with rundll32
  ☆199Updated last year
• Zerx0r / dvenom
  🐍 Double Venom (DVenom) is a tool that provides an encryption wrapper and loader for your shellcode.
  ☆156Updated last year
• mertdas / RedPersist
  ☆215Updated last year
• zyn3rgy / smbtakeover
  BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
  ☆300Updated 5 months ago
• Mr-Un1k0d3r / Elevate-System-Trusted-BOF
  ☆155Updated 2 years ago
• maxDcb / C2TeamServer
  TeamServer and Client of Exploration Command and Control Framework
  ☆123Updated 2 weeks ago
• 0xEr3bus / PoolPartyBof
  A beacon object file implementation of PoolParty Process Injection Technique.
  ☆380Updated last year
• Cipher7 / ChaiLdr
  AV bypass while you sip your Chai!
  ☆220Updated 11 months ago
• mertdas / SharpTerminator
  Terminate AV/EDR Processes using kernel driver
  ☆341Updated last year
• MzHmO / TGSThief
  My implementation of the GIUDA project in C++
  ☆180Updated last year
• wh0amitz / BypassCredGuard
  Credential Guard Bypass Via Patching Wdigest Memory
  ☆321Updated 2 years ago
• blackarrowsec / Handly
  Abuse leaked token handles.
  ☆132Updated last year
• cpu0x00 / SharpReflectivePEInjection
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆150Updated last year
• florylsk / SignatureGate
  Weaponized HellsGate/SigFlip
  ☆199Updated last year