Alternatives and similar repositories for Red-Teams

Users that are interested in Red-Teams are comparing it to the libraries listed below

• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆54Updated 7 months ago
• rasta-mouse / GadgetHunter
  Find jmp gadgets for call stack spoofing.
  ☆69Updated 2 months ago
• EvilBytecode / TaskMgr-Troll
  Troll TaskManager, and play with it .
  ☆28Updated 4 months ago
• hwbp / LazyHook
  Evade behavioral analysis by executing malicious code within trusted Microsoft call stacks, patchless hooking library IAT/EAT.
  ☆72Updated this week
• tehstoni / RustyKeys
  UAC Bypass using CMSTP in Rust
  ☆33Updated last year
• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆74Updated last year
• kleiton0x00 / RtlHijack
  Alternative Read and Write primitives using Rtl* functions the unintended way.
  ☆78Updated 3 months ago
• buldansec / EnableEFS
  Enable EFS service as low priv user (PE & BOF)
  ☆21Updated 5 months ago
• voidvxvi / HellBunny
  Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
  ☆132Updated 11 months ago
• winterknife / SILVERPICK
  Windows User-Mode Shellcode Development Framework (WUMSDF)
  ☆117Updated 3 weeks ago
• dis0rder0x00 / obex
  Obex – Blocking unwanted DLLs in user mode
  ☆275Updated 2 months ago
• KickedDroid / bof_oxide
  A POC for developing BOFs for Sliver, Havoc, Cobalt Strike or most COFFLoaders in Rust.
  ☆34Updated 3 months ago
• nilripper / ptrguard
  A pointer encryption library intended for Red Team implant design in Rust.
  ☆63Updated 2 months ago
• casp3r0x0 / CortexRansomBypass
  Cortex EDR Ransomware protection Bypass
  ☆25Updated 10 months ago
• zarkones / BloodfangC2
  Modern PIC implant for Windows (64 & 32 bit)
  ☆105Updated 4 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆84Updated last year
• brosck / L1LKiller
  「⚠️」Performing a BYOVD on the truesight.sys driver
  ☆44Updated last year
• NUL0x4C / HookingLsassForCredentials
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆60Updated 7 months ago
• akamai / Mirage
  Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
  ☆102Updated 9 months ago
• EvilWhales / nightshade
  ☆34Updated 5 months ago
• 0xRedpoll / SignalKeyBOF
  BOF to decrypt Signal Desktop chat logs
  ☆72Updated 9 months ago
• Maldev-Academy / AlphabeticalPolyShellGen
  Generate an Alphabetical Polymorphic Shellcode
  ☆132Updated 3 months ago
• CodeXTF2 / CustomC2ChannelTemplate
  template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.
  ☆93Updated last week
• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆32Updated last year
• patrickt2017 / VEHNetLoader
  Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies
  ☆49Updated 5 months ago
• C5Hackr / Eclipse
  A unique introduction to native runtime obfuscation.
  ☆74Updated 9 months ago
• silentwarble / PIC-Library
  A collection of position independent coding resources
  ☆101Updated 3 weeks ago
• furax124 / Protect_Loader
  A fucking real shellcode loader with a GUI. Work-in-Progress.
  ☆80Updated 5 months ago
• joaoviictorti / runas-rs
  A runas implementation with extra features in Rust
  ☆51Updated 3 weeks ago
• almounah / go-buena-clr
  Good CLR Host with Native patchless AMSI Bypass
  ☆98Updated 7 months ago