Alternatives and similar repositories for PyinMemoryPE

Users that are interested in PyinMemoryPE are comparing it to the libraries listed below

• Leo4j / ShellGen
  PowerShell script to generate ShellCode in various formats
  ☆42Updated 10 months ago
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆75Updated 3 months ago
• brosck / L1LKiller
  「⚠️」Performing a BYOVD on the truesight.sys driver
  ☆39Updated 8 months ago
• The-Viper-One / Invoke-RDPThief
  Inject RDPThief into memory with PowerShell.
  ☆65Updated 6 months ago
• Darkrain2009 / RedExt
  Chrome browser extension-based Command & Control
  ☆157Updated last month
• oh-az / NoArgs
  NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…
  ☆153Updated last year
• Primusinterp / PrimusC2
  A C2 framework built for my bachelors thesis
  ☆55Updated 9 months ago
• matro7sh / matro7sh_loaders
  this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)
  ☆83Updated last year
• hdks-bug / hermit
  A command and control framework.
  ☆53Updated 7 months ago
• CICADA8-Research / Penetration
  Our Tips&Tricks
  ☆124Updated 5 months ago
• tehstoni / tryharder
  C++ Staged Shellcode Loader with Evasion capabilities.
  ☆94Updated 10 months ago
• DevBuiHieu / CVE-2025-33053-Proof-Of-Concept
  CVE-2025-33053 Proof Of Concept (PoC)
  ☆57Updated last month
• S3N4T0R-0X0 / Checkmate
  payload Execution by Fake Windows SmartScreen with requires Administrator privileges & Turn off real SmartScreen Filter
  ☆106Updated last year
• BlackShell256 / Null-AMSI
  Null-AMSI is an AMSI and ETW bypass that takes advantage of .NET types (.NET Reflection) to bypassing AV/EDR.
  ☆71Updated last month
• 0xNinjaCyclone / PowerLoad3r
  Malicious powershell scripts loader designed to avoid detection.
  ☆50Updated 2 years ago
• fanbyprinciple / bin2shellcode
  .bin file to shellcode convertor
  ☆38Updated last year
• mochabyte0x / CTFPacker
  Cross platform (Linux / Windows) shellcode packer for CTFs and pentest / red team exams aiming for AV evasion !
  ☆71Updated last month
• p4p1 / havoc-ligolo
  A Havoc UI tool to pivot onto a machine using ligolo-ng
  ☆47Updated last year
• nocerainfosec / TakeMyRDP2.0
  An updated version of keystroke logger targeting the Remote Desktop Protocol (RDP) related processes, It utilizes a low-level keyboard in…
  ☆104Updated 2 years ago
• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆30Updated last year
• duck-sec / CVE-2023-28252-Compiled-exe
  A modification to fortra's CVE-2023-28252 exploit, compiled to exe
  ☆54Updated last year
• ASP4RUX / bypassEDR-AV
  ☆57Updated 8 months ago
• CICADA8-Research / LogHunter
  Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)
  ☆72Updated last year
• t3l3machus / ACEshark
  ACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminatin…
  ☆113Updated 6 months ago
• Peco602 / cobaltstrike-aggressor-scripts
  A collection of Cobalt Strike Aggressor scripts.
  ☆99Updated 3 years ago
• smokeme / ansible-havoc
  Scripts I use to deploy Havoc on Linode and setup categorization and SSL
  ☆40Updated last year
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆95Updated 3 months ago
• h0ru / AMSI-Reaper
  ☆105Updated 10 months ago
• DarkSpaceSecurity / RunAs-Stealer
  RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging
  ☆195Updated 5 months ago
• lsecqt / BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero
  ☆38Updated last year