0xf00sec/Aether external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

0xf00sec/Aether

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/0xf00sec/Aether)

Close

0xf00sec / AetherView on GitHubMore

• External links
• Readme badge

Self-mutating macOS implant

☆135Apr 18, 2026Updated last month

Alternatives and similar repositories for Aether

Users that are interested in Aether are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• 0xRedpoll / SignalKeyBOF

  View on GitHub
  BOF to decrypt Signal Desktop chat logs
  ☆70Feb 20, 2025Updated last year
• dr4ndrei / OHFFLdr

  View on GitHub
  One-header configurable C++20 COFF loader
  ☆20Jul 21, 2025Updated 10 months ago
• outflanknl / macos-jit

  View on GitHub
  Proof-of-concept code for understanding the allow-jit entitlement on macOS
  ☆31Feb 19, 2026Updated 3 months ago
• 0xTriboulet / scepter-rs

  View on GitHub
  A hacky way of getting cross-arch/platform support in Cobalt Strike
  ☆38Aug 31, 2025Updated 8 months ago
• mochabyte0x / TrampoLatte

  View on GitHub
  A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow
  ☆19Jun 26, 2025Updated 11 months ago
• Serverless GPU API endpoints on Runpod - Get Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• sudonoodle / BOF-entra-authcode-flow

  View on GitHub
  Beacon Object File (BOF) to obtain Entra tokens via authcode flow.
  ☆130Jan 17, 2026Updated 4 months ago
• RTS-Framework / Gleam-RT

  View on GitHub
  A runtime for developing large-scale and complex shellcode.
  ☆22May 3, 2026Updated 3 weeks ago
• zero2504 / Early-Cryo-Bird-Injections

  View on GitHub
  Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects
  ☆144Apr 6, 2025Updated last year
• I3IT / Detect.Remote.ShadowSnapshot.Dump

  View on GitHub
  Detect Remote Local Credentials Dumping using a Shadow Snapshot
  ☆32Jan 27, 2025Updated last year
• outflanknl / edr-internals

  View on GitHub
  Tools for analyzing EDR agents
  ☆278Jun 10, 2024Updated last year
• KickedDroid / bof_oxide

  View on GitHub
  A POC for developing BOFs for Sliver, Havoc, Cobalt Strike or most COFFLoaders in Rust.
  ☆76Aug 24, 2025Updated 9 months ago
• outflanknl / seccomp-notify-injection

  View on GitHub
  Linux Process Injection via Seccomp Notifier
  ☆96Dec 9, 2025Updated 5 months ago
• EricEsquivel / CobaltStrike-Linux-Beacon

  View on GitHub
  Proof of Concept (PoC) implant for creating custom Cobalt Strike Beacons
  ☆208Feb 11, 2026Updated 3 months ago
• MythicAgents / Hannibal

  View on GitHub
  A Mythic Agent written in PIC C.
  ☆204Feb 4, 2025Updated last year
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• Mazzy-Stars / lain_c2

  View on GitHub
  command control framework
  ☆33May 10, 2026Updated 2 weeks ago
• jsecu / ModTask

  View on GitHub
  ☆52Mar 30, 2026Updated last month
• tijme / kong-loader

  View on GitHub
  Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…
  ☆65Apr 2, 2025Updated last year
• redteamronin / EmbedInHTML

  View on GitHub
  ☆16Jan 9, 2025Updated last year
• grayhatkiller / wambam-bof

  View on GitHub
  ☆50Dec 5, 2025Updated 5 months ago
• Archie-osu / PowerHook

  View on GitHub
  Hooking KPRCB IdlePreselect function to gain execution inside PID 0.
  ☆80Apr 13, 2025Updated last year
• fin3ss3g0d / StoneKeeper

  View on GitHub
  StoneKeeper C2, an experimental EDR evasion framework for research purposes
  ☆210Dec 25, 2024Updated last year
• DarkSpaceSecurity / SSH-Stealer

  View on GitHub
  Smart keylogging capability to steal SSH Credentials including password & Private Key
  ☆152Mar 26, 2025Updated last year
• S4ntiagoP / freeBokuLoader

  View on GitHub
  A simple BOF that frees UDRLs
  ☆122May 29, 2022Updated 3 years ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• snovvcrash / RemoteRegSave

  View on GitHub
  A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host
  ☆41Dec 8, 2023Updated 2 years ago
• MaangoTaachyon / SelfDeletion-Updated

  View on GitHub
  Updated version of a long known self deletion technique to work with 24H2.
  ☆62Jun 9, 2025Updated 11 months ago
• Octoberfest7 / DSCourier_BOF

  View on GitHub
  BOF POC of the DSCourier project / invoking WinGet via COM
  ☆85Apr 23, 2026Updated last month
• SECFORCE / LLMGoat

  View on GitHub
  This project is a deliberately vulnerable environment to learn about LLM-specific risks based on the OWASP Top 10 for LLM Applications.
  ☆51Jan 19, 2026Updated 4 months ago
• kleiton0x00 / RtlHijack

  View on GitHub
  Alternative Read and Write primitives using Rtl* functions the unintended way.
  ☆79Aug 25, 2025Updated 9 months ago
• whokilleddb / sinister-vsix

  View on GitHub
  Blog/Journal on how to backdoor VSCode extensions
  ☆80Feb 24, 2026Updated 3 months ago
• joaoviictorti / uwd

  View on GitHub
  Call Stack Spoofing for Rust
  ☆217Jan 28, 2026Updated 3 months ago
• xrombar / flower

  View on GitHub
  a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor
  ☆111Mar 25, 2024Updated 2 years ago
• winterknife / EVENSTAR

  View on GitHub
  Intel 64/Windows low-level experiments
  ☆89May 14, 2026Updated last week
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• NtDallas / Draugr

  View on GitHub
  BOF with Synthetic Stackframe
  ☆248Oct 30, 2025Updated 6 months ago
• pwardle / ReflectiveLoader

  View on GitHub
  A Reflective Loader for macOS
  ☆149Jul 20, 2025Updated 10 months ago
• CodeXTF2 / OpenMalleableC2

  View on GitHub
  Open Source Implementation of Cobalt Strike's Malleable C2
  ☆101Jan 27, 2026Updated 4 months ago
• ryanq47 / CS-EXTC2-ICMP

  View on GitHub
  An ICMP channel for Beacons, implemented using Cobalt Strike’s External C2 framework.
  ☆120Oct 6, 2025Updated 7 months ago
• hdbreaker / Nimhawk

  View on GitHub
  A powerful, modular, lightweight and efficient command & control framework written in Nim.
  ☆224Nov 3, 2025Updated 6 months ago
• boku7 / StringReaper

  View on GitHub
  Reaping treasures from strings in remote processes memory
  ☆288Feb 8, 2025Updated last year
• susMdT / clr-thing

  View on GitHub
  rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.
  ☆17Jan 6, 2024Updated 2 years ago