Alternatives and similar repositories for YandexDecrypt

Users that are interested in YandexDecrypt are comparing it to the libraries listed below

• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆72Updated last year
• LimerBoy / Soviet-Thief
  Yandex browser passwords and credit-cards decryption algorithm
  ☆15Updated 2 months ago
• cbrnrd / maliketh
  🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python
  ☆45Updated last year
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆90Updated last year
• ntdll0 / HVNC
  My POC implementation of HVNC (Hidden VNC / Hidden Desktop)
  ☆23Updated 5 months ago
• itaymigdal / PartyLoader
  Threadless shellcode injection tool
  ☆65Updated 10 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆74Updated 10 months ago
• furax124 / Protect_Loader
  A fucking real shellcode loader with a GUI. Work-in-Progress.
  ☆75Updated this week
• ngn13 / shrk
  LKM rootkit for modern kernels, with DNS C2 and a simple web interface
  ☆69Updated 2 months ago
• EvilBytecode / EByte-Pattern-AmsiPatch
  Pattern-based AMSI bypass that patches AMSI.dll in memory by modifying comparison values, conditional jumps, and function prologues to ne…
  ☆18Updated last month
• 0xPrimo / KMDllInjector
  kernel-mode DLL Injector
  ☆86Updated 2 months ago
• dk0m / ZeroCrumb
  Dumping App Bound Protected Credentials & Cookies Without Privileges.
  ☆56Updated last month
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆62Updated 10 months ago
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆44Updated last month
• maliciousgroup / RDI-SRDI
  This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".
  ☆86Updated 2 years ago
• EvilBytecode / Ebyte-AMSI-ProxyInjector
  A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…
  ☆41Updated last month
• Cracked5pider / kaine-assembly
  a demo module for the kaine agent to execute and inject assembly modules
  ☆39Updated 10 months ago
• NtDallas / Ulfberht
  Shellcode loader
  ☆86Updated 7 months ago
• Maldev-Academy / LsassHijackingViaReg
  Injecting DLL into LSASS at boot
  ☆123Updated last month
• ameenalkerdy / ETWShellcodeLoader
  Shellcode Loader Utilizing ETW Events
  ☆63Updated 4 months ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated last year
• akamai / Mirage
  Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
  ☆82Updated 4 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆61Updated 10 months ago
• S12cybersecurity / NinjaInjector
  Classic Process Injection with Memory Evasion Techniques implemantation
  ☆70Updated last year
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated last year
• AlSch092 / HideStaticReferences
  Research into removing strings & API call references at compile-time (Anti-Analysis)
  ☆27Updated last year
• Teach2Breach / early_cascade_inj_rs
  early cascade injection PoC based on Outflanks blog post, in rust
  ☆59Updated 7 months ago
• joaoviictorti / hypnus
  Memory Obfuscation in Rust
  ☆100Updated this week
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆69Updated 2 months ago
• Teach2Breach / dll2shell
  converts sRDI compatible dlls to shellcode
  ☆29Updated 5 months ago