Alternatives and similar repositories for Backpack:

Users that are interested in Backpack are comparing it to the libraries listed below

• Ne0nd0g / go-clr
  A PoC package for hosting the CLR and executing .NET from Go
  ☆73Updated 10 months ago
• D00Movenok / goMalleable
  🔎🪲 Malleable C2 profiles parser and assembler written in golang
  ☆65Updated 11 months ago
• timwhitez / Doge-sRDI
  Shellcode implementation of Reflective DLL Injection by Golang. Convert DLLs to position independent shellcode
  ☆60Updated 4 years ago
• timwhitez / Doge-BlockDLLs
  Preventing 3rd Party DLLs from Injecting into your Malware
  ☆25Updated 3 years ago
• dreamkinn / go-ThreadlessInject
  Golang implementation of @CCob's C# ThreadlessInject
  ☆32Updated 11 months ago
• Synzack / Go-Syscall-Examples
  Simple PoCs for utilizing Windows syscalls in Go
  ☆16Updated 4 years ago
• neox41 / go-smbshell
  Proof of concept SMB C2 using named pipes in Golang
  ☆25Updated 5 years ago
• abdullah2993 / go-runpe
  execute a PE in the address space of another PE aka process hollowing
  ☆55Updated 3 years ago
• BronzeTicket / ClipboardWindow-Inject
  CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback
  ☆68Updated 2 years ago
• ayoul3 / reflect-pe
  Reflectively load PE
  ☆103Updated 4 years ago
• nicholasvg / RunPE-Process-Hollowing-GO
  Thanks to @d35ha
  ☆13Updated 3 years ago
• fern89 / C2
  A basic C2 framework written in C
  ☆61Updated 10 months ago
• CodeXTF2 / BusySleepBeacon
  This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…
  ☆34Updated 3 years ago
• Kara-4search / BypassETW_CSharp
  Bypassing ETW with Csharp
  ☆26Updated 3 years ago
• iammaguire / Gotato
  Generic impersonation and privilege escalation with Golang. Like GenericPotato both named pipes and HTTP are supported.
  ☆112Updated 3 years ago
• Mav3rick33 / ZenLdr
  Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature
  ☆100Updated 2 years ago
• florylsk / NtDump
  Indirect NT syscalls LSASS dumper.
  ☆44Updated last year
• MrAle98 / BOF-RunPE
  ☆54Updated 2 years ago
• EspressoCake / DLL-Exports-Extraction-BOF
  DLL Exports Extraction BOF with optional NTFS transactions.
  ☆82Updated 3 years ago
• waawaa / breakcyserver
  ☆48Updated 2 years ago
• ScriptIdiot / sleepmask_ekko_cfg
  Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process
  ☆44Updated 2 years ago
• audibleblink / xordump
  ☆18Updated 3 years ago
• Hagrid29 / RemotePatcher
  Patch AMSI and ETW in remote process via direct syscall
  ☆81Updated 3 years ago
• Kara-4search / FullDLLUnhooking_CSharp
  Unhook DLL via cleaning the DLL 's .text section
  ☆9Updated 3 years ago
• h0li3 / llvmpass_for_bof
  A simple llvm pass used in BOF compiling
  ☆8Updated 5 months ago
• Kara-4search / HookDetection_CSharp
  HookDetection
  ☆46Updated 3 years ago
• An00bRektn / gopher47
  A third-party Gopher Assassin for the Havoc Framework.
  ☆44Updated last year
• ProcessusT / UnhookingDLL
  This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…
  ☆69Updated last year
• qwqdanchun / ScreenShot-BOF
  ☆42Updated last year
• timwhitez / Doge-RL
  Reflective DLL injection Execution
  ☆19Updated 2 years ago