Alternatives and similar repositories for Process_Injection

Users that are interested in Process_Injection are comparing it to the libraries listed below

• RedTeamOperations / VEH-PoC
  ☆115Updated 2 years ago
• ScriptIdiot / SysmonQuiet
  RDLL for Cobalt Strike beacon to silence sysmon process
  ☆88Updated 2 years ago
• tccontre / Reg-Restore-Persistence-Mole
  a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…
  ☆51Updated last year
• ZeroMemoryEx / Overlord
  abusing Process Hacker driver to terminate other processes (BYOVD)
  ☆82Updated 2 years ago
• benheise / TitanLdr
  Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH
  ☆48Updated 3 years ago
• XaFF-XaFF / ZwProcessHollowing
  ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
  ☆85Updated 2 years ago
• waawaa / breakcyserver
  ☆49Updated 2 years ago
• knight0x07 / BumbleCrypt
  A Bumblebee-inspired Crypter
  ☆80Updated 2 years ago
• crummie5 / Freshycalls_PoC
  A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯
  ☆40Updated 4 years ago
• AzAgarampur / byeintegrity9-uac
  ☆36Updated 2 years ago
• NVISOsecurity / Interceptor
  Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space
  ☆123Updated 2 years ago
• passthehashbrowns / suspendedunhook
  ☆39Updated 4 years ago
• xalicex / Unhook-Import-Address-Table
  Piece of code to detect and remove hooks in IAT
  ☆63Updated 3 years ago
• GetRektBoy724 / HalosUnhooker
  Halos Gate-based NTAPI Unhooker
  ☆52Updated 3 years ago
• Hagrid29 / RemotePatcher
  Patch AMSI and ETW in remote process via direct syscall
  ☆81Updated 3 years ago
• mansk1es / GhostFart
  ☆136Updated last year
• shogunlab / Mochi
  Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.
  ☆101Updated 3 years ago
• mrexodia / lolbin-poc
  Small PoC of using a Microsoft signed executable as a lolbin.
  ☆137Updated 2 years ago
• susMdT / effective-waffle
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆69Updated 2 years ago
• inb1ts / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆39Updated last year
• joe-desimone / patriot
  ☆141Updated 2 years ago
• LloydLabs / process-enumeration-stealth
  ☆82Updated 9 months ago
• Ap3x / COFF-Loader
  A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader
  ☆48Updated last year
• b4rth0v5k1 / EarlyBirdNTDLL
  ☆36Updated 2 years ago
• codewhitesec / SysmonEnte
  ☆75Updated 2 years ago
• caueb / ThreadlessStompingKann
  Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.
  ☆61Updated last year
• Hagrid29 / herpaderply_hollowing
  Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping
  ☆56Updated 2 years ago
• rkbennett / pybof
  Python module for running BOFs
  ☆70Updated last year
• eversinc33 / Godmode
  Tool for playing with Windows Access Token manipulation.
  ☆55Updated 2 years ago
• EspressoCake / DLL-Exports-Extraction-BOF
  DLL Exports Extraction BOF with optional NTFS transactions.
  ☆82Updated 3 years ago