Alternatives and similar repositories for nightshade

Users that are interested in nightshade are comparing it to the libraries listed below

• Teach2Breach / hollow_rs
  A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.
  ☆30Updated 5 months ago
• Maldev-Academy / Alphabetfuscation
  Convert your shellcode into an ASCII string
  ☆96Updated 3 weeks ago
• HulkOperator / AuthStager
  ☆55Updated 8 months ago
• Teach2Breach / schtask
  Rust implementation, creating a scheduled task programmatically with user logon trigger.
  ☆42Updated last month
• redr0nin / Agentic-Flow-Corruption-Attacks
  A red teaming attack paradigm against AI Agents
  ☆31Updated 4 months ago
• andreisss / Living-off-the-COM-Type-Coercion-Abuse
  This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…
  ☆47Updated 2 months ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆53Updated 5 months ago
• Whitecat18 / earlycascade-injection
  Early cascade injection PoC based on Outflanks blog post written in Rust
  ☆54Updated 5 months ago
• furax124 / Protect_Loader
  A fucking real shellcode loader with a GUI. Work-in-Progress.
  ☆75Updated 3 weeks ago
• dmcxblue / Claude-C2
  Utilizng an MCP Server to communicate with your C2
  ☆77Updated 2 months ago
• SecTheBit / ZoomBotC2
  ☆38Updated 2 weeks ago
• 0xRedpoll / SignalKeyBOF
  BOF to decrypt Signal Desktop chat logs
  ☆65Updated 4 months ago
• 0xRedpoll / WhatsAppKeyBOF
  A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.
  ☆77Updated 4 months ago
• HullaBrian / COMmander
  .NET tool used to enrich RPC telemetry
  ☆87Updated last month
• ricardojoserf / NativeTokenImpersonate
  Impersonate Tokens using only NTAPI functions
  ☆77Updated 3 months ago
• tijme / nimplant-beacon-position-independent-c-code
  A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.
  ☆61Updated 5 months ago
• EvilBytecode / Ebyte-AMSI-ProxyInjector
  A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…
  ☆41Updated 2 months ago
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆44Updated 2 months ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated last year
• 0xTriboulet / rssh-rs
  ☆52Updated last month
• OtterHacker / AWSRedirector
  ☆56Updated 5 months ago
• Teach2Breach / pool_party_rs
  remote process injections using pool party techniques
  ☆65Updated 2 weeks ago
• NUL0x4C / HookingLsassForCredentials
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆53Updated 2 months ago
• DevBuiHieu / CVE-2025-33053-Proof-Of-Concept
  CVE-2025-33053 Proof Of Concept (PoC)
  ☆54Updated last month
• Maldev-Academy / HookingLsassForCredentials
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆48Updated 2 months ago
• SaadAhla / VSCode-Backdoor
  Backdooring VSCode Projects
  ☆74Updated last month
• winsecurity / AMSI-Bypass-HWBP
  ☆22Updated 4 months ago
• p0dalirius / FindProcessesWithNamedPipes
  A simple C++ Windows tool to get information about processes exposing named pipes.
  ☆38Updated 4 months ago
• Teach2Breach / snapinject_rs
  A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …
  ☆49Updated 5 months ago
• itaymigdal / PartyLoader
  Threadless shellcode injection tool
  ☆66Updated 11 months ago