Alternatives and similar repositories for AM

Users that are interested in AM are comparing it to the libraries listed below

• exploitblizzard / Syscall-Example
  Using syscall to load shellcode, Evasion techniques
  ☆27Updated 3 years ago
• GetRektBoy724 / SharpLoadLibrary
  An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.
  ☆55Updated 3 years ago
• 0xAbdullah / Offensive-Snippets
  A repository with my code snippets for research/education purposes.
  ☆50Updated last year
• KINGSABRI / AssemblyLoader
  Various implementations for C# in memory execution. Assembly.Load() Assembly.LoadFile() AppDomain.ExecuteAssembly()
  ☆34Updated 4 years ago
• san3ncrypt3d / AESShellCodeInjector
  This program will take encrypted shell code and decrypt it in run time and inject it into another process
  ☆29Updated 3 years ago
• mmnoureldin / UnmanagedPowerShell
  ☆29Updated 2 years ago
• Mantraufo / KanonSys
  Bypass Windows defender syscall
  ☆18Updated 3 years ago
• Wh04m1001 / CVE-2022-3368
  ☆29Updated 2 years ago
• CodeXTF2 / PyHmmm
  Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …
  ☆80Updated last year
• san3ncrypt3d / AESShellCodeEncrypter
  This is a CS project that will encrypt shell code from msfvenom using AES
  ☆22Updated 3 years ago
• dosxuz / ProcessGhosting
  Small POC for process ghosting
  ☆39Updated 3 years ago
• KINGSABRI / DotNetToJScriptMini
  A simplified version of DotNetToJScript to create a JScript file which loads a .NET v2 assembly from memory.
  ☆47Updated 4 years ago
• GetRektBoy724 / SharpHalos
  My implementation of Halo's Gate technique in C#
  ☆54Updated 3 years ago
• Octoberfest7 / Cohab_Processes
  A small Aggressor script to help Red Teams identify foreign processes on a host machine
  ☆85Updated 2 years ago
• rasta-mouse / MinHook.NET
  A C# port of the MinHook API hooking library
  ☆55Updated 2 years ago
• Nariod / laz-y
  Automating payload generation for OSEP labs and exam.
  ☆34Updated 2 years ago
• reveng007 / DareDevil
  Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10
  ☆37Updated 2 years ago
• CodeXTF2 / HavocNotion
  A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …
  ☆86Updated 2 years ago
• GetRektBoy724 / TripleS
  Extracting Syscall Stub, Modernized
  ☆64Updated 3 years ago
• Shrfnt77 / DynamicSyscalls
  DynamicSyscalls is a library written in .net resolves the syscalls dynamically (Has nothing to do with hooking/unhooking)
  ☆65Updated 2 years ago
• ScriptIdiot / SysmonQuiet
  RDLL for Cobalt Strike beacon to silence sysmon process
  ☆88Updated 2 years ago
• ps1337 / Lastenzug
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆26Updated 2 years ago
• binderlabs / SpoolSampleModified
  Modified Spool Sample for SEImpersonate Privilege Escalation.
  ☆14Updated 2 years ago
• GeorgePatsias / PayloadFactory
  C# implementation of Shellcode delivery techniques using PInvoke and DInvoke variations for API calling.
  ☆35Updated 3 years ago
• rvrsh3ll / PELoader
  Load PE via XML Attribute
  ☆31Updated 5 years ago
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆86Updated 2 years ago
• Hypnoze57 / SharpHound4Cobalt
  C# Data Collector for BloodHound with CobaltStrike integration (BOF.NET)
  ☆55Updated 2 years ago
• knight0x07 / WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
  Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)
  ☆41Updated last year
• dobin / antniumui
  The Web UI for Antnium
  ☆27Updated 2 years ago
• mantvydasb / RdpThief
  Extracting Clear Text Passwords from mstsc.exe using API Hooking.
  ☆17Updated 5 years ago