Alternatives and similar repositories for BEV4

Users that are interested in BEV4 are comparing it to the libraries listed below

• Synzack / Excel-4.0-Shellcode-Generator
  ☆13Updated 4 years ago
• jsecurity101 / LDAPMon
  ☆45Updated last year
• inb1ts / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆39Updated last year
• dirkjanm / Group3r
  Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.
  ☆9Updated 2 years ago
• rasta-mouse / MinHook.NET
  A C# port of the MinHook API hooking library
  ☆55Updated 2 years ago
• mgeeky / msi-shenanigans
  Proof of Concept code and samples presenting emerging threat of MSI installer files.
  ☆81Updated 2 years ago
• Octoberfest7 / Cohab_Processes
  A small Aggressor script to help Red Teams identify foreign processes on a host machine
  ☆85Updated 2 years ago
• mvelazc0 / SharpShareFinder
  SharpShareFinder is a minimalistic network share discovery POC designed to enumerate shares in Windows Active Directory networks leveragi…
  ☆27Updated 10 months ago
• FuzzySecurity / WWHF-WayWest-2022
  ☆37Updated 3 years ago
• aaaddress1 / xlsGen
  (PoC) Tiny Excel BIFF8 Generator, to Embedded 4.0 Macros in xls files without Excel.
  ☆43Updated 3 years ago
• MythicAgents / atlas
  ☆13Updated last year
• phackt / wptsextensions.dll
  WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.
  ☆54Updated 3 years ago
• netbiosX / GhostLoader
  GhostLoader - AppDomainManager - Injection - 攻壳机动队
  ☆52Updated 4 years ago
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆86Updated 2 years ago
• tccontre / Reg-Restore-Persistence-Mole
  a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…
  ☆51Updated last year
• kyleavery / ThirdEye
  Weaponizing CLRvoyance for Post-Ex .NET Execution
  ☆35Updated 3 years ago
• Octoberfest7 / Proxy_Egress_Persistence
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆32Updated 2 years ago
• ZeroPointSecurity / Domain-Enumeration-Tool
  Perform Windows domain enumeration via LDAP
  ☆36Updated 2 years ago
• dobin / antniumui
  The Web UI for Antnium
  ☆27Updated 2 years ago
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆41Updated 7 months ago
• CCob / ProvisionAppx
  ☆39Updated 2 years ago
• gavz / CSASC
  Cobalt Strike Aggressor Script Collection
  ☆19Updated 7 years ago
• rvrsh3ll / DInjector
  Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL
  ☆21Updated 2 years ago
• optiv / BadOutlook
  (kinda) Malicious Outlook Reader
  ☆19Updated 4 years ago
• pgormanDS / hash_spider
  A module for CME that spiders across a domain.
  ☆35Updated 2 years ago
• mobdk / Upsilon
  Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used
  ☆93Updated 3 years ago
• pracsec / AmsiScanner
  A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.
  ☆62Updated last year
• knight0x07 / PoC-Malware-TTPs
  PoC-Malware-TTPs
  ☆49Updated 2 years ago
• Dec0ne / AMS-BP
  AMSI Bypass for powershell
  ☆30Updated 3 years ago
• KINGSABRI / DotNetToJScriptMini
  A simplified version of DotNetToJScript to create a JScript file which loads a .NET v2 assembly from memory.
  ☆47Updated 4 years ago