Alternatives and similar repositories for RedKits

Users that are interested in RedKits are comparing it to the libraries listed below

• MastMind / PE-infector
  Crossplatform tool for inject shellcode into .exe and .dll binaries (x86 and x64)
  ☆71Updated last year
• aahmad097 / Test004
  Persistence via Shell Extensions
  ☆62Updated 2 years ago
• tykawaii98 / CVE-2024-21338_PoC
  ☆39Updated last year
• farinap5 / bitmap4shell
  A (quite) simple steganography algorithm to hide shellcodes within bitmap image.
  ☆23Updated last year
• evilashz / ProxyAPICall
  Just another version of the custom stack call from Proxy-Function-Calls-For-ETwTI
  ☆35Updated 2 years ago
• fin3ss3g0d / HookFinder
  Simple PoC to locate hooked functions by EDR in ntdll.dll
  ☆38Updated 2 years ago
• 7h3w4lk3r / Kill-Floor
  AV/EDR killer using BYOVD technique
  ☆34Updated 11 months ago
• CodeXTF2 / BusySleepBeacon
  This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…
  ☆35Updated 3 years ago
• j3h4ck / WatchDogKiller
  PoC exploit for the vulnerable WatchDog Anti-Malware driver (amsdk.sys) – weaponized to kill protected EDR/AV processes via BYOVD.
  ☆46Updated this week
• kouzhudong / HidePort
  Hide Port In Windows
  ☆40Updated 10 months ago
• baiyies / CrossInject
  32 bit process inject shellcode to 32 bit process and 64 bit process
  ☆36Updated 2 years ago
• Wh04m1001 / CVE-2023-36723
  ☆67Updated last year
• lab52io / StealAllTokens
  This PoC uses two diferent technics for stealing the primary token from all running processes, showing that is possible to impersonate a…
  ☆57Updated 3 years ago
• wilszdev / GetTrustedInstallerShell
  impersonate trustedinstaller by fiddling with tokens
  ☆17Updated 4 years ago
• aazhuliang / CVE-2021-31956-EXP
  ☆40Updated 3 years ago
• WKL-Sec / StackMask
  A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.
  ☆64Updated 2 years ago
• Wra7h / PEResourceInject
  ☆56Updated 3 years ago
• florylsk / NtDump
  Indirect NT syscalls LSASS dumper.
  ☆46Updated 2 years ago
• qwqdanchun / RainbowSheep
  Change hash for a signed pe
  ☆16Updated 2 years ago
• RixedLabs / IDLE-Abuse
  A method to execute shellcode using RegisterWaitForInputIdle API.
  ☆55Updated 2 years ago
• hackerhouse-opensource / Gigabyte_ElevatePersist
  Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…
  ☆31Updated 2 years ago
• dosxuz / PerunsFart
  This is my own implementation of the Perun's Fart technique by Sektor7
  ☆71Updated 3 years ago
• WKL-Sec / Winsocky
  Winsocket for Cobalt Strike.
  ☆99Updated 2 years ago
• BOFs / BOFs
  Beacon Object Files.
  ☆37Updated last year
• whokilleddb / A-Study-in-Obfuscation
  A Study in Obfuscation: Analyzing the effect of various techniques to bypass AV engines
  ☆45Updated 2 years ago
• exploits-forsale / CVE-2024-21345
  Proof-of-Concept for CVE-2024-21345
  ☆76Updated last year
• hackerhouse-opensource / envschtasksuacbypass
  Bypass UAC elevation on Windows 8 (build 9600) & above.
  ☆56Updated 3 years ago
• Mav3rick33 / ZenLdr
  Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature
  ☆102Updated 2 years ago
• expl0itabl3 / uac-bypass-cmstp
  Use CMSTP.exe to bypass UAC.
  ☆50Updated 3 years ago
• timwhitez / AddressOfEntryPoint-injection
  x64 version
  ☆37Updated 3 years ago