A shellcode loader generator with support for multiple injection techniques, built for red team engagements.
☆93Jul 1, 2026Updated last week
Alternatives and similar repositories for Hollow
Users that are interested in Hollow are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Adaptix C2 extender to support Cobalt Strike Malleable C2 profiles☆47Jun 28, 2026Updated 2 weeks ago
- DynLoader A modular Windows loader focused on EDR evasion Built with indirect syscall (Tartarus Gate / Hell’s Gate), Manual PE parsing …☆56Updated this week
- A PoC Cobalt Strike UDRL written in Rust☆31Jun 20, 2026Updated 3 weeks ago
- Automatically deploying Mythic C2 in Azure using Terraform☆20Jul 3, 2026Updated last week
- Staged DLL injection proof-of-concept built in C using Win32 APIs — developed in an isolated lab environment for red team certification s…☆40Jun 4, 2026Updated last month
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A stealthy and modular Windows loader designed to bypass modern EDR solutions using Module Stomping, Stack Duplication, and Advanced Slee…☆66Updated this week
- Crystal Palace Evasion kit for Sliver☆96Jun 13, 2026Updated last month
- Automated BYOVD driver analysis: import scanning, IOCTL dispatch extraction, Speakeasy emulation☆82Jul 2, 2026Updated last week
- Havoc C2 BOF port of the KslD.sys BYOVD technique. Credential extraction from lsass via physical memory — no OpenProcess, no auditable AP…☆142Apr 22, 2026Updated 2 months ago
- Reflective DLL loader.☆25Jun 30, 2026Updated 2 weeks ago
- KHAOS is a modern C2 framework that routes agent traffic through cloud services already trusted by enterprise networks.☆186Updated this week
- Cobalt Strike BOF to obtain location data☆26Jul 4, 2026Updated last week
- Templates for developing your own listeners and agents for AdaptixC2.☆54Feb 28, 2026Updated 4 months ago
- NØW is a word-based shellcode encoding and obfuscation tool that transforms raw shellcode bytes into natural-looking English prose.☆68Jun 24, 2026Updated 2 weeks ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Polymorphic PE rewriter for Windows x64 , rewrites binaries into semantically identical but byte-different variants☆192Jun 6, 2026Updated last month
- A EDR bypassing shellcode loader framework for Windows 10 64bit, featuring ETW/AMSI patching, Tartarus Gate, process protection and more☆57Jun 24, 2026Updated 2 weeks ago
- open source implementation of the UDC2 spec used in Cobalt Strike☆54Jul 4, 2026Updated last week
- Advanced OPSEC fork of Donut. Features a Custom in-memory CLR Host, Tail-Jump ETW bypasses, and zero-patch AMSI evasion for stealthy shel…☆68Jun 24, 2026Updated 2 weeks ago
- Active Directory forensic framework☆16May 18, 2026Updated last month
- Advanced EDR Evasion via AI Telemetry Spoofing & WASM Sandboxing. Project Onyx is a PoC Red Team pipeline designed to demonstrate advance…☆113Jun 30, 2026Updated 2 weeks ago
- The Azure Execution Tool☆159Feb 6, 2026Updated 5 months ago
- Agent for AdaptixC2 with focus in evasion, capability and malleable.☆222Apr 26, 2026Updated 2 months ago
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 8 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- AdaptixC2 default beacon agent extended to support Crystal Palace loaders.☆62May 4, 2026Updated 2 months ago
- Abusing the win32k.sys kernel callback mechanism for arbitrary code execution☆102Apr 10, 2026Updated 3 months ago
- Another new coercion primitive with LPE - machine-account NTLM coercion from a non-admin user via Windows Store InstallService plugin res…☆86Jun 20, 2026Updated 3 weeks ago
- Adaptix C2 service plugin that drives LitterBox payload analysis from the operator UI.☆61May 4, 2026Updated 2 months ago
- A Cobalt Strike BOF implementation of the SilentHarvest registry dumping technique☆182Apr 14, 2026Updated 3 months ago
- goLoL is a Windows host scanner with dual support for LOLBAS binaries and LOLDrivers. It lists LOLBAS techniques runnable at your current…☆66Jun 28, 2026Updated 2 weeks ago
- Azure RedOps is a offensive security toolkit for assessing the security posture of Microsoft Entra ID☆176Updated this week
- A Windows tool that converts LDIF files to BloodHound CE☆30Dec 20, 2025Updated 6 months ago
- Fritter is a heavily modified fork of TheWover and Odzhan's Donut shellcode generator.☆243Jun 11, 2026Updated last month
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- A Cobalt Strike Beacon Object File that exploits the BlueHammer vulnerability that to obtain a copy of the SAM database.☆166Apr 15, 2026Updated 2 months ago
- Activation Context Hijacking Evasion Tool☆293Jun 17, 2026Updated 3 weeks ago
- OSEP - Offsec Expert Professional☆21Jun 23, 2024Updated 2 years ago
- Another BYOVD process killer. works on all EDR's. fully signed.☆285May 19, 2026Updated last month
- Async port scanner BOF. Supports IP/port ranges, CIDR notation and hostnames.☆18Jun 17, 2026Updated 3 weeks ago
- Automated DLL Hijacking Discovery, Validation, and Confirmation. Turning local misconfigurations into weaponized, confirmed attack paths.☆394Jun 20, 2026Updated 3 weeks ago
- A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.☆31Feb 7, 2025Updated last year