Alternatives and similar repositories for ShellCodeLoader_Indirect_Syscalls

Users that are interested in ShellCodeLoader_Indirect_Syscalls are comparing it to the libraries listed below

• dmcxblue / NtCreateUserProcessBOF
  An Aggressor Script that utilizes NtCreateUserProcess to run binaries
  ☆30Updated 5 months ago
• b4rth0v5k1 / EarlyBirdNTDLL
  ☆36Updated 2 years ago
• NUL0x4C / HookingLsassForCredentials
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆53Updated 2 months ago
• Retr0-code / hash-dumper
  Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…
  ☆63Updated last year
• tijme / nimplant-beacon-position-independent-c-code
  A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.
  ☆61Updated 5 months ago
• smokeme / asar-backdoor
  ☆30Updated 3 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆64Updated 11 months ago
• HulkOperator / AuthStager
  ☆55Updated 8 months ago
• Teach2Breach / dll2shell
  converts sRDI compatible dlls to shellcode
  ☆29Updated 5 months ago
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆24Updated 10 months ago
• d4rkiZ / EmbedExeLnk-
  EmbedExeLnk by x86matthew modified by d4rkiZ
  ☆42Updated 2 years ago
• Maldev-Academy / HookingLsassForCredentials
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆48Updated 2 months ago
• T1erno / bin2shellcode
  C++ tool and library for converting .bin files to shellcode in multiple output formats.
  ☆24Updated this week
• safedv / Rustic64Shell
  A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.
  ☆74Updated 2 months ago
• Orange-Cyberdefense / EDRSnowblast
  This project is an EDRSandblast fork, adding some features and custom pieces of code.
  ☆23Updated last year
• cbwang505 / FilesystemEoPDesktopSystemShell
  Folder Or File Delete to Get System Shell on Current Session Desktop
  ☆44Updated 6 months ago
• fin3ss3g0d / IoDllProxyLoad
  DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly
  ☆60Updated last year
• Teach2Breach / snapinject_rs
  A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …
  ☆49Updated 5 months ago
• jsecu / ModTask
  ☆52Updated 6 months ago
• cybersectroll / TrollRPC
  ☆48Updated last week
• itaymigdal / PartyLoader
  Threadless shellcode injection tool
  ☆66Updated 11 months ago
• reveng007 / AMSI-patches-learned-till-now
  I have documented all of the AMSI patches that I learned till now
  ☆73Updated 3 months ago
• cybersectroll / TrollDump
  ☆82Updated last year
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆41Updated 8 months ago
• tccontre / Reg-Restore-Persistence-Mole
  a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…
  ☆51Updated last year
• FalconForceTeam / bof-winrm-plugin-jump
  ☆27Updated 5 months ago
• wolfcod / lsassdump
  lsassdump via RtlCreateProcessReflection and NanoDump
  ☆82Updated 9 months ago
• iamagarre / BadExclusionsNWBO
  BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR
  ☆76Updated last year
• 0xTriboulet / rssh-rs
  ☆52Updated last month
• nickvourd / SugarFree
  Less sugar (entropy) for your binaries
  ☆28Updated 3 months ago