Bl4ckM1rror/PEAs external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Bl4ckM1rror/PEAs

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Bl4ckM1rror/PEAs)

Close

Bl4ckM1rror / PEAsView on GitHubMore

• External links
• Readme badge

☆60Dec 15, 2023Updated 2 years ago

Alternatives and similar repositories for PEAs

Users that are interested in PEAs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• outflanknl / unmanaged-dotnet-patch

  View on GitHub
  Modify managed functions from unmanaged code
  ☆53Feb 1, 2024Updated 2 years ago
• naksyn / ProcessStomping

  View on GitHub
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆148Dec 16, 2023Updated 2 years ago
• MalwareTech / EDRception

  View on GitHub
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆203Dec 27, 2023Updated 2 years ago
• Unprotect-Project / FuncInEvasionTechniqueDemo

  View on GitHub
  ☆35Dec 21, 2023Updated 2 years ago
• blackarrowsec / Handly

  View on GitHub
  Abuse leaked token handles.
  ☆136Dec 14, 2023Updated 2 years ago
• Serverless GPU API endpoints on Runpod - Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• rasta-mouse / CsWhispers

  View on GitHub
  Source generator to add D/Invoke and indirect syscall methods to a C# project.
  ☆191Mar 4, 2024Updated 2 years ago
• MaorSabag / interactive-execute-shellcode

  View on GitHub
  A simple PoC of injection shellcode into a remote process and get the output using namepipe
  ☆47Jan 10, 2024Updated 2 years ago
• fin3ss3g0d / NativeThreadpool

  View on GitHub
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆88Feb 11, 2024Updated 2 years ago
• EspressoCake / DefenderPathExclusions

  View on GitHub
  Creation and removal of Defender path exclusions and exceptions in C#.
  ☆32Nov 1, 2023Updated 2 years ago
• nothingspecialforu / EvtPsst

  View on GitHub
  EvtPsst
  ☆55Oct 24, 2023Updated 2 years ago
• MaorSabag / Paruns-Fart

  View on GitHub
  Just another ntdll unhooking using Parun's Fart technique
  ☆76Feb 15, 2023Updated 3 years ago
• OtterHacker / SetProcessInjection

  View on GitHub
  ☆155Oct 2, 2023Updated 2 years ago
• Maldev-Academy / Christmas

  View on GitHub
  PoC demonstrating a multi process injection chain aimed at remotely executing shellcode
  ☆259Jan 21, 2024Updated 2 years ago
• dmcxblue / SharpGhostTask

  View on GitHub
  A C# port from Invoke-GhostTask
  ☆120Jan 5, 2024Updated 2 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• lap1nou / CLR_Heap_encryption

  View on GitHub
  ☆102Oct 7, 2023Updated 2 years ago
• fin3ss3g0d / IoDllProxyLoad

  View on GitHub
  DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly
  ☆66Mar 19, 2024Updated 2 years ago
• kleiton0x00 / Proxy-DLL-Loads

  View on GitHub
  A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
  ☆413Jan 11, 2026Updated 3 months ago
• MzHmO / Parasite-Invoke

  View on GitHub
  Hide your P/Invoke signatures through other people's signed assemblies
  ☆210Mar 10, 2024Updated 2 years ago
• ipSlav / DirtyCLR

  View on GitHub
  An App Domain Manager Injection DLL PoC on steroids
  ☆211Dec 14, 2023Updated 2 years ago
• pard0p / CallstackSpoofingPOC

  View on GitHub
  C++ self-Injecting dropper based on various EDR evasion techniques.
  ☆428Feb 11, 2024Updated 2 years ago
• lsecqt / ThreadlessInject-C-Implementation

  View on GitHub
  This repository implements Threadless Injection in C
  ☆172Dec 23, 2023Updated 2 years ago
• GetRektBoy724 / SyscallShuffler

  View on GitHub
  Your NTDLL vaccine from modern direct syscall methods.
  ☆36Apr 5, 2022Updated 4 years ago
• jsecu / BOF-pack-1

  View on GitHub
  A care package of useful bofs for red team engagments
  ☆53Dec 6, 2024Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• hackerhouse-opensource / Artillery

  View on GitHub
  CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…
  ☆184Feb 2, 2026Updated 2 months ago
• zimnyaa / smbsocks

  View on GitHub
  A simple rpc2socks alternative in pure Go.
  ☆31Jul 8, 2024Updated last year
• Tw1sm / SQL-BOF

  View on GitHub
  Library of BOFs to interact with SQL servers
  ☆231Dec 3, 2025Updated 4 months ago
• florylsk / ExecIT

  View on GitHub
  Execute shellcode files with rundll32
  ☆218Jan 28, 2024Updated 2 years ago
• KINGSABRI / ServerlessRedirector

  View on GitHub
  Serverless Redirector in various cloud vendor for red team
  ☆73Dec 8, 2022Updated 3 years ago
• cpu0x00 / SharpReflectivePEInjection

  View on GitHub
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆166Jan 4, 2024Updated 2 years ago
• Bl4ckM1rror / KerberoShutdown

  View on GitHub
  ☆18Aug 1, 2022Updated 3 years ago
• c3r3br4t3 / ShadowRDP

  View on GitHub
  ☆75Feb 4, 2024Updated 2 years ago
• frkngksl / UnlinkDLL

  View on GitHub
  DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
  ☆63Apr 4, 2026Updated last week
• Deploy open-source AI quickly and easily - Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• fortra / hw-call-stack

  View on GitHub
  Use hardware breakpoints to spoof the call stack for both syscalls and API calls
  ☆203Jun 6, 2024Updated last year
• itaymigdal / LOLSpoof

  View on GitHub
  An interactive shell to spoof some LOLBins command line
  ☆186Jan 27, 2024Updated 2 years ago
• sokaRepo / CoercedPotatoRDLL

  View on GitHub
  Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege
  ☆227Nov 23, 2023Updated 2 years ago
• EvanMcBroom / perfect-loader

  View on GitHub
  Load a dynamic library from memory by modifying the native Windows loader
  ☆292Jun 18, 2025Updated 9 months ago
• EspressoCake / BetterPipename

  View on GitHub
  Example of using Sleep to create better named pipes.
  ☆41Jul 25, 2023Updated 2 years ago
• CognisysGroup / HadesLdr

  View on GitHub
  Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2
  ☆295Jul 15, 2023Updated 2 years ago
• oldboy21 / RflDllOb

  View on GitHub
  Reflective DLL Injection Made Bella
  ☆251Jan 6, 2025Updated last year