Alternatives and similar repositories for NativePayload_CBT

Users that are interested in NativePayload_CBT are comparing it to the libraries listed below

• ChoiSG / UuidShellcodeExec

  View on GitHub
  PoC for UUID shellcode execution using DInvoke
  ☆155Mar 8, 2021Updated 4 years ago
• Flangvik / RosFuscator

  View on GitHub
  YouTube/Livestream project for obfuscating C# source code using Roslyn
  ☆128May 9, 2021Updated 4 years ago
• ChaitanyaHaritash / Callback_Shellcode_Injection

  View on GitHub
  POCs for Shellcode Injection via Callbacks
  ☆411Feb 23, 2021Updated 4 years ago
• am0nsec / SharpHellsGate

  View on GitHub
  C# Implementation of the Hell's Gate VX Technique
  ☆216Jun 30, 2020Updated 5 years ago
• cube0x0 / ParallelSyscalls

  View on GitHub
  C# version of MDSec's ParallelSyscalls
  ☆141Jan 9, 2022Updated 4 years ago
• nettitude / RunOF

  View on GitHub
  ☆152Jan 6, 2023Updated 3 years ago
• Barbarisch / forkatz

  View on GitHub
  credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege
  ☆123May 22, 2021Updated 4 years ago
• med0x2e / ExecuteAssembly

  View on GitHub
  Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…
  ☆595Jul 26, 2021Updated 4 years ago
• CCob / MirrorDump

  View on GitHub
  Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…
  ☆269Mar 18, 2021Updated 4 years ago
• GetRektBoy724 / SharpUnhooker

  View on GitHub
  C# Based Universal API Unhooker
  ☆411Feb 18, 2022Updated 3 years ago
• moloch-- / DarkLoadLibrary

  View on GitHub
  LoadLibrary for offensive operations
  ☆33Dec 14, 2021Updated 4 years ago
• EncodeGroup / AggressiveProxy

  View on GitHub
  Project to enumerate proxy configurations and generate shellcode from CobaltStrike
  ☆140Nov 4, 2020Updated 5 years ago
• frkngksl / ParallelNimcalls

  View on GitHub
  Nim version of MDSec's Parallel Syscall PoC
  ☆124Jan 14, 2022Updated 4 years ago
• RedSiege / hot-manchego

  View on GitHub
  Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library.
  ☆148Sep 7, 2020Updated 5 years ago
• rvrsh3ll / NoMSBuild

  View on GitHub
  MSBuild without MSbuild.exe
  ☆135Dec 21, 2020Updated 5 years ago
• outflanknl / WdToggle

  View on GitHub
  A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.
  ☆220May 3, 2023Updated 2 years ago
• kyleavery / scarecrow_wrapper

  View on GitHub
  ☆39Jul 29, 2021Updated 4 years ago
• pkb1s / SharpRelay

  View on GitHub
  ☆180Feb 3, 2021Updated 5 years ago
• RedSiege / What-The-F

  View on GitHub
  This repo hosts a poc of how to execute F# code within an unmanaged process
  ☆70Jun 25, 2024Updated last year
• nettitude / RunPE

  View on GitHub
  C# Reflective loader for unmanaged binaries.
  ☆447Jan 25, 2023Updated 3 years ago
• GhostPack / RestrictedAdmin

  View on GitHub
  Remotely enables Restricted Admin Mode
  ☆215Sep 3, 2021Updated 4 years ago
• med0x2e / vba2clr

  View on GitHub
  Running .NET from VBA
  ☆149Feb 11, 2023Updated 3 years ago
• slyd0g / UrbanBishopLocal

  View on GitHub
  A port of FuzzySecurity's UrbanBishop project for inline shellcode execution
  ☆119Sep 29, 2020Updated 5 years ago
• redteamertips / DinvokeDupetokenAndThreadSwitcheroo

  View on GitHub
  ☆26May 22, 2021Updated 4 years ago
• X-C3LL / SharpNTLMRawUnHide

  View on GitHub
  C# version of NTLMRawUnHide
  ☆72Oct 8, 2022Updated 3 years ago
• outflanknl / FindObjects-BOF

  View on GitHub
  A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…
  ☆275May 3, 2023Updated 2 years ago
• codewhitesec / Lastenzug

  View on GitHub
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆235Oct 18, 2022Updated 3 years ago
• outflanknl / InlineWhispers

  View on GitHub
  Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF)
  ☆322Nov 9, 2021Updated 4 years ago
• mitchmoser / LACheck

  View on GitHub
  ☆93Aug 23, 2021Updated 4 years ago
• Allevon412 / TeamsImplant

  View on GitHub
  ☆209Feb 24, 2022Updated 3 years ago
• jfmaes / SharpZipRunner

  View on GitHub
  Executes position independent shellcode from an encrypted zip
  ☆304Dec 22, 2020Updated 5 years ago
• py7hagoras / CovenantTasks

  View on GitHub
  Source for tasks I have used with Covenant
  ☆122Mar 21, 2021Updated 4 years ago
• jfmaes / SharpHandler

  View on GitHub
  ☆185Jan 5, 2021Updated 5 years ago
• SECFORCE / SharpWhispers

  View on GitHub
  C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.
  ☆111Apr 14, 2023Updated 2 years ago
• hasherezade / process_ghosting

  View on GitHub
  Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted fi…
  ☆682Mar 11, 2024Updated last year
• Sh0ckFR / InlineWhispers2

  View on GitHub
  Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2
  ☆187Jul 21, 2022Updated 3 years ago
• xforcered / CredBandit

  View on GitHub
  Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…
  ☆244Jul 14, 2021Updated 4 years ago
• mgeeky / UnhookMe

  View on GitHub
  UnhookMe is an universal Windows API resolver & unhooker addressing problem of invoking unmonitored system calls from within of your Red …
  ☆349Jul 3, 2022Updated 3 years ago
• jfmaes / AmsiHooker

  View on GitHub
  Hookers are cooler than patches.
  ☆170Jan 21, 2022Updated 4 years ago