Alternatives and similar repositories for HuffLoader:

Users that are interested in HuffLoader are comparing it to the libraries listed below

• MythicAgents / Xenon
  A Mythic agent for Windows written in C
  ☆101Updated this week
• Octoberfest7 / enumhandles_BOF
  ☆125Updated 6 months ago
• Cipher7 / ApexLdr
  ApexLdr is a DLL Payload Loader written in C
  ☆109Updated 8 months ago
• NtDallas / Ulfberht
  Shellcode loader
  ☆77Updated 4 months ago
• CICADA8-Research / TypeLibWalker
  TypeLib persistence technique
  ☆108Updated 5 months ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆90Updated 9 months ago
• SaadAhla / D1rkSleep
  Improved version of EKKO by @5pider that Encrypts only Image Sections
  ☆118Updated 2 years ago
• FalconForceTeam / bof-winrm-client
  ☆103Updated 2 months ago
• securifybv / BOFRyptor
  ☆121Updated last year
• rasta-mouse / process-inject-kit
  Port of Cobalt Strike's Process Inject Kit
  ☆171Updated 3 months ago
• gatariee / ldrgen
  Template-based generation of shellcode loaders
  ☆76Updated 11 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆73Updated 7 months ago
• cpu0x00 / SharpReflectivePEInjection
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆151Updated last year
• itm4n / PPLrevenant
  Bypass LSA protection using the BYODLL technique
  ☆155Updated 6 months ago
• SaadAhla / D1rkInject
  Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…
  ☆177Updated last year
• boku7 / patchwerk
  BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)
  ☆172Updated last month
• NtDallas / Draugr
  BOF with Synthetic Stackframe
  ☆136Updated last month
• safedv / Rustic64Shell
  A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.
  ☆60Updated 2 months ago
• akamai / Mirage
  Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
  ☆72Updated last month
• NtDallas / OdinLdr
  Cobaltstrike Reflective Loader with Synthetic Stackframe
  ☆101Updated 2 months ago
• itaymigdal / PartyLoader
  Threadless shellcode injection tool
  ☆63Updated 7 months ago
• maliciousgroup / RDI-SRDI
  This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".
  ☆78Updated last year
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆210Updated 3 months ago
• Cobalt-Strike / sleepmask-vs
  A simple Sleepmask BOF example
  ☆93Updated 6 months ago
• NetSPI / BOF-PE
  An example reference design for a proposed BOF PE
  ☆126Updated last month
• klezVirus / RpcProxyInvoke
  Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar
  ☆129Updated 7 months ago
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆181Updated last year
• Maldev-Academy / GhostlyHollowingViaTamperedSyscalls
  Implementing the ghostly hollowing PE injection technique using tampered syscalls.
  ☆141Updated 2 weeks ago
• ProcessusT / Venoma
  Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution
  ☆169Updated last year
• naksyn / DojoLoader
  Generic PE loader for fast prototyping evasion techniques
  ☆229Updated 8 months ago