Alternatives and similar repositories for Sekiryu

Users that are interested in Sekiryu are comparing it to the libraries listed below

• nettitude / Aladdin

  View on GitHub
  ☆225Oct 22, 2023Updated 2 years ago
• NUL0x4C / DeleteShadowCopies

  View on GitHub
  Deleting Shadow Copies In Pure C++
  ☆118Oct 31, 2022Updated 3 years ago
• klezVirus / SilentMoonwalk

  View on GitHub
  PoC Implementation of a fully dynamic call stack spoofer
  ☆901Jul 20, 2024Updated last year
• rkbennett / pybof

  View on GitHub
  Python module for running BOFs
  ☆79Nov 28, 2025Updated 2 months ago
• daem0nc0re / AtomicSyscall

  View on GitHub
  Tools and PoCs for Windows syscall investigation.
  ☆368Dec 2, 2025Updated 2 months ago
• redteamsocietegenerale / DLLirant

  View on GitHub
  DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.
  ☆497Nov 29, 2022Updated 3 years ago
• sensepost / wiresocks

  View on GitHub
  A sock, with a wire, so you can tunnel all you desire.
  ☆295Jan 19, 2024Updated 2 years ago
• grimlockx / ADCSKiller

  View on GitHub
  An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
  ☆738May 19, 2023Updated 2 years ago
• daem0nc0re / TangledWinExec

  View on GitHub
  PoCs and tools for investigation of Windows process execution techniques
  ☆953Feb 2, 2026Updated last week
• Helixo32 / NimBlackout

  View on GitHub
  Kill AV/EDR leveraging BYOVD attack
  ☆390Jul 11, 2023Updated 2 years ago
• Cracked5pider / Stardust

  View on GitHub
  A modern 32/64-bit position independent implant template
  ☆1,294Mar 21, 2025Updated 10 months ago
• XaFF-XaFF / Black-Angel-Rootkit

  View on GitHub
  Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.
  ☆671Nov 9, 2023Updated 2 years ago
• thefLink / Hunt-Sleeping-Beacons

  View on GitHub
  Aims to identify sleeping beacons
  ☆659Jan 25, 2026Updated 2 weeks ago
• 0xv1n / proc-suspend

  View on GitHub
  powershell script i wrote that can suspend an arbitrary process (with limits)
  ☆22Mar 26, 2023Updated 2 years ago
• trustedsec / orpheus

  View on GitHub
  Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types
  ☆411Mar 21, 2025Updated 10 months ago
• Kudaes / Split

  View on GitHub
  Apply a divide and conquer approach to bypass EDRs
  ☆287Oct 19, 2023Updated 2 years ago
• buzzer-re / Shinigami

  View on GitHub
  A dynamic unpacking tool
  ☆145Sep 17, 2023Updated 2 years ago
• deepinstinct / Dirty-Vanity

  View on GitHub
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆675Dec 23, 2022Updated 3 years ago
• CCob / ThreadlessInject

  View on GitHub
  Threadless Process Injection using remote function hooking.
  ☆808Sep 4, 2024Updated last year
• lem0nSec / ShellGhost

  View on GitHub
  A memory-based evasion technique which makes shellcode invisible from process start to end.
  ☆1,199Oct 16, 2023Updated 2 years ago
• Idov31 / Sandman

  View on GitHub
  Sandman is a NTP based backdoor for hardened networks.
  ☆816Mar 31, 2024Updated last year
• y11en / FOLIAGE

  View on GitHub
  Experiment on reproducing Obfuscate & Sleep
  ☆161Mar 14, 2021Updated 4 years ago
• synacktiv / DLHell

  View on GitHub
  Local & remote Windows DLL Proxying
  ☆170Jun 17, 2024Updated last year
• susMdT / effective-waffle

  View on GitHub
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆69May 11, 2023Updated 2 years ago
• RedSiege / AutoFunkt

  View on GitHub
  Python script for automating the creation of serverless cloud redirectors from Cobalt Strike malleable C2 profiles
  ☆202Jun 25, 2024Updated last year
• 0xdea / ghidra-scripts

  View on GitHub
  A collection of my Ghidra scripts to facilitate reverse engineering and vulnerability research.
  ☆284Jan 31, 2026Updated 2 weeks ago
• BeetleChunks / SpoolSploit

  View on GitHub
  A collection of Windows print spooler exploits containerized with other utilities for practical exploitation.
  ☆551Jul 16, 2021Updated 4 years ago
• CCob / Volumiser

  View on GitHub
  ☆424Apr 22, 2025Updated 9 months ago
• mr-r3bot / bof-modules

  View on GitHub
  BOF for C2 framework
  ☆44Nov 9, 2024Updated last year
• Tw1sm / RITM

  View on GitHub
  Roast in the Middle
  ☆295Sep 19, 2025Updated 4 months ago
• thefLink / DeepSleep

  View on GitHub
  A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
  ☆373May 24, 2022Updated 3 years ago
• Dec0ne / DllNotificationInjection

  View on GitHub
  A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re…
  ☆465Aug 23, 2023Updated 2 years ago
• CognisysGroup / HadesLdr

  View on GitHub
  Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2
  ☆293Jul 15, 2023Updated 2 years ago
• reveng007 / DarkWidow

  View on GitHub
  Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
  ☆772Jan 26, 2026Updated 2 weeks ago
• boku7 / azureOutlookC2

  View on GitHub
  Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for…
  ☆503May 16, 2023Updated 2 years ago
• daem0nc0re / PrivFu

  View on GitHub
  Kernel mode WinDbg extension and PoCs for token privilege investigation.
  ☆900Jan 21, 2025Updated last year
• Accenture / Codecepticon

  View on GitHub
  .NET/PowerShell/VBA Offensive Security Obfuscator
  ☆514Feb 1, 2024Updated 2 years ago
• huntandhackett / process-cloning

  View on GitHub
  The Definitive Guide To Process Cloning on Windows
  ☆539Jan 3, 2024Updated 2 years ago
• gabriellandau / PPLFault

  View on GitHub
  ☆563Feb 22, 2024Updated last year