Alternatives and similar repositories for ExitPatcher

Users that are interested in ExitPatcher are comparing it to the libraries listed below

• Teach2Breach / stargate
  Locate dlls and function addresses without PEB Walk and EAT parsing
  ☆103Updated 2 months ago
• 0xTriboulet / rssh-rs
  ☆55Updated 8 months ago
• mhaskar / FsquirtCPLPoC
  PoC for generating bthprops.cpl module designed to be loaded by Fsquirt.exe LOLBin
  ☆121Updated last month
• EvilBytecode / Ebyte-AMSI-ProxyInjector
  A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…
  ☆62Updated 8 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆83Updated last year
• WKL-Sec / slack-udc2
  Cobalt Strike UDC2 implementation that provides an Slack C2 channel
  ☆60Updated last month
• CICADA8-Research / RpcMotion
  Execute commands, in/exfiltrate files using your custom RPC Server
  ☆63Updated 3 weeks ago
• Teach2Breach / snapinject_rs
  A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …
  ☆50Updated last year
• NUL0x4C / HookingLsassForCredentials
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆61Updated 8 months ago
• kozmer / sigdream
  sigreturn-oriented programming (SROP) based sleep obfuscation poc for Linux
  ☆62Updated last month
• dis0rder0x00 / stillepost
  Using Chromium-based browsers as a proxy for C2 traffic.
  ☆140Updated 2 months ago
• kleiton0x00 / RtlHijack
  Alternative Read and Write primitives using Rtl* functions the unintended way.
  ☆78Updated 5 months ago
• kr0tt / EarlyExceptionHandling
  Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH
  ☆136Updated 5 months ago
• logangoins / BadTakeover-BOF
  Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover
  ☆85Updated 3 months ago
• lsecqt / SessionView
  A portable C# utility for enumerating local and remote windows sessions
  ☆55Updated last month
• M1ndo / WerDump
  A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass
  ☆165Updated 4 months ago
• ricardojoserf / w11_shadow_copies
  Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11
  ☆80Updated last week
• nickvourd / SugarFree
  Less sugar (entropy) for your binaries
  ☆34Updated 4 months ago
• kas-sec / version.dll-sideloading
  sideloading PoC using onedrive.exe & version.dll
  ☆90Updated 3 months ago
• Teach2Breach / dll2shell
  converts sRDI compatible dlls to shellcode
  ☆35Updated last year
• jsecu / ModTask
  ☆53Updated 4 months ago
• warpnet / COM-Fuzzer
  Gain insights into COM/DCOM implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By…
  ☆156Updated 2 months ago
• yo-yo-yo-jbo / commandline_spoofing
  Commandline spoofing on Windows
  ☆92Updated 2 months ago
• AlmondOffSec / LibTPLoadLib
  Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra…
  ☆73Updated 3 months ago
• TwoSevenOneT / EDRStartupHinder
  EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.
  ☆180Updated 3 weeks ago
• zarkones / BloodfangC2
  Modern PIC implant for Windows (64 & 32 bit)
  ☆105Updated 6 months ago
• knight0x07 / NailaoLoader-Hiding-Execution-Flow
  NailaoLoader: Hiding Execution Flow via Patching
  ☆22Updated 11 months ago
• ColeHouston / theHandler-BOF
  Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.
  ☆38Updated 6 months ago
• ofasgard / execute-assembly-pico
  A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.
  ☆128Updated last week
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆54Updated 8 months ago