Alternatives and similar repositories for Win10PostExploits

Users that are interested in Win10PostExploits are comparing it to the libraries listed below

• 0xZ0F / BitdefenderEvader
  ☆7Updated 5 years ago
• hasherezade / hidden_bee_tools
  Parser for a custom executable format from Hidden Bee malware (first stage)
  ☆43Updated 9 months ago
• hasherezade / loaderine
  A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.
  ☆19Updated 7 years ago
• sevagas / weaponize_process_injection_windows_SIGSEGv2_2019
  Files related to my presentation at SigSegV2 conference in 2019. You can find related papers on my blog
  ☆13Updated 5 years ago
• ps1337 / Crypt0r
  A simple AES malware crypter
  ☆16Updated 7 years ago
• d35ha / ShellInjector
  Execute an arbitrary command within the context of another process
  ☆20Updated 6 years ago
• own2pwn / r0ak
  r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
  ☆26Updated 6 years ago
• 0xyg3n / mem64
  Run Any Native PE file as a memory ONLY Payload , most likely as a shellcode using hta attack vector which interacts with Powershell.
  ☆27Updated 8 years ago
• karol-gruszczyk / win-rootkit
  ☆23Updated 9 years ago
• arunvnnk / AVbypass
  Techniques that i have used to evade anti-virus during pen tests.
  ☆13Updated 7 years ago
• ExaByt3s / MalwareSDK
  Botnet SDK Based on Zeus HTTP Malware (Educational Purposes)
  ☆14Updated 5 years ago
• d35ha / xKeLogger
  Kernel mode windows NT API logger
  ☆22Updated 5 years ago
• Darkabode / 0lib
  Zerokit shared code
  ☆16Updated 6 years ago
• Alexuiop1337 / AntiDisassembly
  Basic disassembly technique to slow down disasm process
  ☆11Updated 5 years ago
• freesoul / netstub
  Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.
  ☆15Updated 6 years ago
• HFaeiro / Remote-Admin-Tool
  Simple remote administration tool. Written in c++ and MASM.
  ☆18Updated 7 years ago
• Darkabode / possessor
  User-mode part of Zerokit platform
  ☆20Updated 6 years ago
• jthuraisamy / av-fingerprints
  Antivirus Emulator Fingerprints
  ☆29Updated 6 years ago
• frego / fwshell
  Reverse Windows shell over TLS
  ☆19Updated 9 years ago
• bytecode77 / component-services-privilege-escalation
  Component Services Volatile Environment LPE
  ☆11Updated 6 months ago
• paranoidninja / 0xdarkvortex-red-team-ttps-part-2
  Code for blog written at 0xdarkvortex.dev Red Team TTPs Part 2
  ☆18Updated 4 years ago
• hasherezade / tag_converter
  ☆22Updated 4 years ago
• XaFF-XaFF / AMSI-Bypass
  Rasta's mouse AMSI patch but with function that makes it undetectable.
  ☆13Updated 4 years ago
• Darkabode / 0ctrl
  Zerokit server controller
  ☆13Updated 6 years ago
• sysopfb / VM_Timing_Detect
  ☆13Updated 8 years ago
• melardev / XeytanWin32-RAT
  WORK IN PROGRESS. RAT written in C++ using Win32 API
  ☆19Updated 5 years ago
• nyx0 / Grum
  The Grum Spam Bot
  ☆20Updated 10 years ago
• Nervous / GreenKit-Rootkit
  GreenKit is an userland rootkit hiding its own files and mining bitcoins on compromised computers. Do /NOT/ download or use this rootkit …
  ☆44Updated 7 years ago
• jasondrawdy / ShellGen
  Dynamic and extensible shell code generator with multiple output types which can be formatted in binary, hexadecimal, and the typical she…
  ☆19Updated 5 years ago
• 0x25bit / darkRat_HVNC
  DarkRats Standalone HVNC
  ☆24Updated 3 years ago