Alternatives and similar repositories for PyinMemoryPE

Users that are interested in PyinMemoryPE are comparing it to the libraries listed below

• Leo4j / ShellGen
  PowerShell script to generate ShellCode in various formats
  ☆42Updated 9 months ago
• brosck / L1LKiller
  「⚠️」Performing a BYOVD on the truesight.sys driver
  ☆38Updated 7 months ago
• Primusinterp / PrimusC2
  A C2 framework built for my bachelors thesis
  ☆55Updated 8 months ago
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆72Updated 2 months ago
• tehstoni / tryharder
  C++ Staged Shellcode Loader with Evasion capabilities.
  ☆95Updated 9 months ago
• duck-sec / CVE-2023-28252-Compiled-exe
  A modification to fortra's CVE-2023-28252 exploit, compiled to exe
  ☆54Updated last year
• Ximoxkil547 / undetectableRevShell
  This repo is for the youtube video where we have explained how to make a detectable reverse shell undetectable by windows defender
  ☆27Updated last year
• matro7sh / matro7sh_loaders
  this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)
  ☆83Updated last year
• The-Viper-One / Invoke-RDPThief
  Inject RDPThief into memory with PowerShell.
  ☆64Updated 5 months ago
• 0xNinjaCyclone / PowerLoad3r
  Malicious powershell scripts loader designed to avoid detection.
  ☆50Updated 2 years ago
• nocerainfosec / TakeMyRDP2.0
  An updated version of keystroke logger targeting the Remote Desktop Protocol (RDP) related processes, It utilizes a low-level keyboard in…
  ☆104Updated last year
• fanbyprinciple / bin2shellcode
  .bin file to shellcode convertor
  ☆38Updated last year
• ASP4RUX / bypassEDR-AV
  ☆57Updated 8 months ago
• 0xEr3bus / ShadowForgeC2
  ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.
  ☆47Updated 2 years ago
• Darkrain2009 / RedExt
  Chrome browser extension-based Command & Control
  ☆154Updated 2 weeks ago
• p4p1 / havoc-ligolo
  A Havoc UI tool to pivot onto a machine using ligolo-ng
  ☆46Updated last year
• DevBuiHieu / CVE-2025-33053-Proof-Of-Concept
  CVE-2025-33053 Proof Of Concept (PoC)
  ☆52Updated last month
• smokeme / ansible-havoc
  Scripts I use to deploy Havoc on Linode and setup categorization and SSL
  ☆40Updated last year
• hdks-bug / hermit
  A command and control framework.
  ☆52Updated 6 months ago
• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆30Updated last year
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated last year
• RATandC2 / VirusTotalC2
  Abusing VirusTotal API to host our C2 traffic, usefull for bypassing blocking firewall rules if VirusTotal is in the target white list , …
  ☆27Updated 2 years ago
• Cyxow / CVE-2024-3183-POC
  POC for CVE-2024-3183 (FreeIPA Rosting)
  ☆23Updated 10 months ago
• p4p1 / havoc-store
  A simple website to act as a store for havoc modules and extensions
  ☆27Updated 5 months ago
• EvilBytecode / Ebyte-AMSI-ProxyInjector
  A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…
  ☆41Updated 2 months ago
• 808ale / NetRunners
  Reflective shellcode runners using obfuscated Win32 APIs in C# and C++ (GetProcAddress & GetModuleHandle). For penetration testing.
  ☆14Updated 2 months ago
• CICADA8-Research / LogHunter
  Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)
  ☆72Updated last year
• 0xb11a1 / sliver_extension_uac_bypass_cmstp
  Sliver extension to bypass UAC via cmstp written in rust
  ☆29Updated last year
• KingKDot / PowerCrypt
  The best powershell obfuscator ever made
  ☆108Updated 3 months ago
• p4p1 / havoc-bloodhound
  A GUI wrapper inside of Havoc to interact with bloodhound CE
  ☆71Updated last year