FatCyclone/D-Pwn

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/FatCyclone/D-Pwn)

FatCyclone / D-Pwn

D/Invoke standalone shellcode runners

☆40

Alternatives and similar repositories for D-Pwn

Users that are interested in D-Pwn are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

superhac / OSEP
View on GitHub
☆21Dec 1, 2021Updated 4 years ago
zimnyaa / noWatch
View on GitHub
Implant drop-in for EDR testing
☆147Nov 15, 2023Updated 2 years ago
szymex73 / ADFSpoof
View on GitHub
☆12Feb 7, 2023Updated 3 years ago
dreamkinn / CompileCSDocker
View on GitHub
Compile SharpHound and others on Linux
☆24Aug 16, 2024Updated last year
GetRektBoy724 / HalosUnhooker
View on GitHub
Halos Gate-based NTAPI Unhooker
☆52Apr 21, 2022Updated 4 years ago
Managed Kubernetes at scale on DigitalOcean • Ad
DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
tothi / malicious-service
View on GitHub
Minimal Windows Service Template for demonstrating privilege escalation via weak service executable permissions
☆14Nov 13, 2022Updated 3 years ago
TomOS3 / UserModeUnhooking
View on GitHub
This project is created for research into antivirus evasion by unhooking.
☆18Sep 2, 2021Updated 4 years ago
CryptoBreach / UnhookPoC
View on GitHub
A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.
☆10Dec 16, 2021Updated 4 years ago
dmcxblue / NtCreateUserProcessBOF
View on GitHub
An Aggressor Script that utilizes NtCreateUserProcess to run binaries
☆31Jan 30, 2025Updated last year
Wra7h / ARCInject
View on GitHub
Overwrite a process's recovery callback and execute with WER
☆102Apr 17, 2022Updated 4 years ago
dim0x69 / dns-exe-persistance
View on GitHub
☆46May 9, 2017Updated 8 years ago
securifybv / BOFRyptor
View on GitHub
☆124Oct 9, 2023Updated 2 years ago
Wra7h / SharpGhosting
View on GitHub
Process Ghosting in C#
☆219Jan 24, 2022Updated 4 years ago
rtecCyberSec / RAITrigger
View on GitHub
Local SYSTEM auth trigger for relaying
☆171Jul 22, 2025Updated 9 months ago
Wordpress hosting with auto-scaling - Free Trial Offer • Ad
Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
OmriBaso / WTSImpersonator
View on GitHub
WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"
☆122Jul 2, 2024Updated last year
passthehashbrowns / Being-A-Good-CLR-Host
View on GitHub
☆97Jan 21, 2025Updated last year
GetRektBoy724 / SyscallShuffler
View on GitHub
Your NTDLL vaccine from modern direct syscall methods.
☆36Apr 5, 2022Updated 4 years ago
pard0p / CallstackSpoofingPOC
View on GitHub
C++ self-Injecting dropper based on various EDR evasion techniques.
☆432Feb 11, 2024Updated 2 years ago
Octoberfest7 / OSEP-Tools
View on GitHub
☆306Mar 31, 2022Updated 4 years ago
sudonoodle / Aggressor-NTFY
View on GitHub
Cobalt Strike notifications via NTFY.
☆15Sep 24, 2024Updated last year
3xploit666 / AmsiResurrect
View on GitHub
☆12Mar 8, 2026Updated last month
Octoberfest7 / enumhandles_BOF
View on GitHub
☆127Sep 1, 2024Updated last year
cogiceo / AAN
View on GitHub
Access All Networks: an offensive multitool against 802.1X
☆20Aug 25, 2025Updated 8 months ago
AI Agents on DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
Accenture / Codecepticon
View on GitHub
.NET/PowerShell/VBA Offensive Security Obfuscator
☆521Feb 1, 2024Updated 2 years ago
LloydLabs / shellcode-plain-sight
View on GitHub
Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak
☆211Nov 12, 2025Updated 5 months ago
OtterHacker / SetProcessInjection
View on GitHub
☆156Oct 2, 2023Updated 2 years ago
susMdT / effective-waffle
View on GitHub
yet another sleep encryption thing. also used the default github repo name for this one.
☆69May 11, 2023Updated 2 years ago
OtterHacker / ShareFouine
View on GitHub
☆53Oct 29, 2024Updated last year
rad9800 / FileRenameJunctionsEDRDisable
View on GitHub
☆158Dec 13, 2024Updated last year
jfmaes / DeepSleep
View on GitHub
all credits go to @mgeeky
☆65Oct 14, 2021Updated 4 years ago
EspressoCake / ReadRemoteProcessCommandline_BOF
View on GitHub
☆29May 10, 2024Updated last year
RedSiege / jargon
View on GitHub
☆155Mar 5, 2026Updated last month
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
thefLink / RecycledGate
View on GitHub
Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll
☆503Feb 3, 2022Updated 4 years ago
MzHmO / DebugAmsi
View on GitHub
DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.
☆102Sep 18, 2023Updated 2 years ago
draktuls / IAF-EAF-Shellcode-bypass-PoC
View on GitHub
Shellcode capable of bypassing EAF / IAF mitigations
☆28Apr 11, 2023Updated 3 years ago
plackyhacker / SandboxDefender
View on GitHub
C# code to Sandbox Defender (and most probably other AV/EDRs).
☆167Apr 22, 2022Updated 4 years ago
Meowmycks / etwunhook
View on GitHub
Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.
☆59Feb 29, 2024Updated 2 years ago
gatariee / ldrgen
View on GitHub
Template-based generation of shellcode loaders
☆81Apr 20, 2024Updated 2 years ago
fortra / No-Consolation
View on GitHub
A BOF that runs unmanaged PEs inline
☆695Oct 23, 2024Updated last year