Alternatives and similar repositories for PyinMemoryPE

Users that are interested in PyinMemoryPE are comparing it to the libraries listed below

• Leo4j / ShellGen
  PowerShell script to generate ShellCode in various formats
  ☆43Updated last year
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆87Updated 6 months ago
• brosck / L1LKiller
  「⚠️」Performing a BYOVD on the truesight.sys driver
  ☆44Updated 11 months ago
• The-Viper-One / Invoke-RDPThief
  Inject RDPThief into memory with PowerShell.
  ☆65Updated 10 months ago
• 0xNinjaCyclone / PowerLoad3r
  Malicious powershell scripts loader designed to avoid detection.
  ☆59Updated 2 years ago
• 0xNinjaCyclone / AsmLdr
  Dynamic shellcode loader with sophisticated evasion capabilities
  ☆253Updated last month
• CICADA8-Research / Penetration
  Our Tips&Tricks
  ☆127Updated 9 months ago
• Aur3ns / LsassStealer
  Morpheus is an lsass stealer that extracts lsass.exe in RAM and exfiltrates it via forged and crypted NTP packets. For authorized testin…
  ☆118Updated 5 months ago
• Primusinterp / PrimusC2
  A C2 framework built for my bachelors thesis
  ☆56Updated last year
• fanbyprinciple / bin2shellcode
  .bin file to shellcode convertor
  ☆38Updated last year
• oh-az / NoArgs
  NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…
  ☆154Updated last year
• zflemingg1 / AM0N-Eye
  ☆24Updated last year
• mochabyte0x / CTFPacker
  Cross platform (Linux / Windows) shellcode packer for CTFs and pentest / red team exams aiming for AV evasion !
  ☆86Updated this week
• almounah / go-buena-clr
  Good CLR Host with Native patchless AMSI Bypass
  ☆96Updated 7 months ago
• p4p1 / havoc-ligolo
  A Havoc UI tool to pivot onto a machine using ligolo-ng
  ☆48Updated last year
• matro7sh / matro7sh_loaders
  this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)
  ☆83Updated last year
• hdks-bug / hermit
  A command and control framework.
  ☆55Updated 10 months ago
• tylerdotrar / PoorMansArmory
  Collection of malleable payloads and tools that will bypass AMSI, Windows Defender, and self-signed certificate checks.
  ☆37Updated 8 months ago
• DevBuiHieu / CVE-2025-33053-Proof-Of-Concept
  CVE-2025-33053 Proof Of Concept (PoC)
  ☆61Updated 5 months ago
• S3N4T0R-0X0 / Checkmate
  payload Execution by Fake Windows SmartScreen with requires Administrator privileges & Turn off real SmartScreen Filter
  ☆108Updated last year
• nocerainfosec / TakeMyRDP2.0
  An updated version of keystroke logger targeting the Remote Desktop Protocol (RDP) related processes, It utilizes a low-level keyboard in…
  ☆105Updated 2 years ago
• moscowchill / LSTAR-EN
  LSTAR - CobaltStrike Translated to EN
  ☆22Updated 2 years ago
• cisagov / snafflepy
  Snaffler reimplementation in Python - https://github.com/SnaffCon/Snaffler
  ☆114Updated 4 months ago
• KingKDot / PowerCrypt
  The best powershell obfuscator ever made
  ☆117Updated 3 months ago
• Maldev-Academy / AlphabeticalPolyShellGen
  Generate an Alphabetical Polymorphic Shellcode
  ☆130Updated 3 months ago
• p4p1 / havoc-bloodhound
  A GUI wrapper inside of Havoc to interact with bloodhound CE
  ☆71Updated last year
• 0xb11a1 / sliver_extension_uac_bypass_cmstp
  Sliver extension to bypass UAC via cmstp written in rust
  ☆32Updated last year
• 0xsch1zo / NullGate
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆159Updated 3 months ago
• CICADA8-Research / LogHunter
  Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)
  ☆76Updated last year
• DarkSpaceSecurity / RunAs-Stealer
  RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging
  ☆203Updated 8 months ago