Alternatives and similar repositories for NativePayloads

Users that are interested in NativePayloads are comparing it to the libraries listed below

• 0xTriboulet / Revenant
  Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
  ☆379Updated 10 months ago
• mertdas / PrivKit
  PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.
  ☆420Updated last year
• Helixo32 / NimBlackout
  Kill AV/EDR leveraging BYOVD attack
  ☆361Updated last year
• Maldev-Academy / EntropyReducer
  Reduce Entropy And Obfuscate Youre Payload With Serialized Linked Lists
  ☆447Updated 2 years ago
• brosck / Awesome-AV-EDR-XDR-Bypass
  Awesome AV/EDR/XDR Bypass Tips
  ☆273Updated 2 years ago
• N1k0la-T / CVE-2023-36745
  ☆164Updated last year
• mertdas / SharpTerminator
  Terminate AV/EDR Processes using kernel driver
  ☆346Updated 2 years ago
• HavocFramework / Modules
  Modules used by the Havoc Framework
  ☆241Updated last year
• WesleyWong420 / RedTeamOps-Havoc-101
  Materials for the workshop "Red Team Ops: Havoc 101"
  ☆380Updated 8 months ago
• YOLOP0wn / POSTDump
  ☆333Updated 4 months ago
• senzee1984 / Amsi_Bypass_In_2023
  Amsi Bypass payload that works on Windwos 11
  ☆378Updated last year
• CodeXTF2 / WindowSpy
  WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.
  ☆274Updated 4 months ago
• Maldev-Academy / Christmas
  ☆257Updated last year
• Cipher7 / ChaiLdr
  AV bypass while you sip your Chai!
  ☆221Updated last year
• Wra7h / SingleDose
  Generate Shellcode Loaders & Injects
  ☆156Updated 2 years ago
• Maldev-Academy / RemoteTLSCallbackInjection
  Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process
  ☆261Updated last year
• trevorsaudi / Mshikaki
  A shellcode injection tool showcasing various process injection techniques
  ☆137Updated last year
• ricardojoserf / WhoamiAlternatives
  Different methods to get current username without using whoami
  ☆177Updated last year
• oh-az / NoArgs
  NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…
  ☆153Updated last year
• senzee1984 / micr0_shell
  micr0shell is a Python script that dynamically generates Windows X64 PIC Null-Free reverse shell shellcode.
  ☆190Updated 11 months ago
• BlackSnufkin / GhostDriver
  yet another AV killer tool using BYOVD
  ☆292Updated last year
• nickvourd / COM-Hunter
  COM Hijacking VOODOO
  ☆299Updated 3 months ago
• icyguider / LightsOut
  Generate an obfuscated DLL that will disable AMSI & ETW
  ☆325Updated 11 months ago
• kleiton0x00 / RemoteShellcodeExec
  Execute shellcode from a remote-hosted bin file using Winhttp.
  ☆234Updated 2 years ago
• Zerx0r / dvenom
  🐍 Double Venom (DVenom) is a tool that provides an encryption wrapper and loader for your shellcode.
  ☆157Updated last year
• Sh0ckFR / Lockbit3.0-MpClient-Defender-PoC
  Lockbit3.0 Microsoft Defender MpClient.dll DLL Hijacking PoC
  ☆177Updated 2 years ago
• florylsk / ExecIT
  Execute shellcode files with rundll32
  ☆203Updated last year
• SaadAhla / GithubC2
  Github as C2 Demonstration , free API = free C2 Infrastructure
  ☆140Updated last year
• RalfHacker / Kerbeus-BOF
  BOF for Kerberos abuse (an implementation of some important features of the Rubeus).
  ☆472Updated 2 months ago
• REDMED-X / OperatorsKit
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆615Updated last month