Alternatives and similar repositories for AuthStager:

Users that are interested in AuthStager are comparing it to the libraries listed below

• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆59Updated 8 months ago
• jfjallid / go-lsass
  Tool to aid in dumping LSASS process remotely
  ☆38Updated 9 months ago
• jsecu / ModTask
  ☆52Updated 4 months ago
• OtterHacker / AWSRedirector
  ☆54Updated 2 months ago
• nickvourd / Rocabella
  Sniffing files generator
  ☆54Updated 2 months ago
• 0xRedpoll / SignalKeyBOF
  BOF to decrypt Signal Desktop chat logs
  ☆65Updated 2 months ago
• ZSECURE / zDocker-cobaltstrike
  Docker container for running CobaltStrike 4.10
  ☆37Updated 7 months ago
• MrAle98 / psinline
  in-process powershell runner for BRC4
  ☆45Updated last year
• decoder-it / DFSCoerce-exe-2
  DFSCoerce exe revisited version with custom authentication
  ☆40Updated last year
• ibaiC / FriendlyFireBOF
  A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.
  ☆46Updated 3 weeks ago
• PShlyundin / TimeSync
  Tool to obtain hash using MS-SNTP for user accounts
  ☆21Updated 3 months ago
• Bl4ckM1rror / PEAs
  ☆59Updated last year
• xelemental / Mal-LNK-Generator
  ☆34Updated last month
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆38Updated 9 months ago
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆41Updated 5 months ago
• Leo4j / PPLKiller
  Tool to bypass LSA Protection (aka Protected Process Light)
  ☆49Updated 4 months ago
• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆29Updated last year
• RWXstoned / GimmeShelter
  Situational Awareness script to identify how and where to run implants
  ☆50Updated 5 months ago
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆27Updated last year
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated 10 months ago
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆24Updated 7 months ago
• rasta-mouse / SpawnWith
  ☆106Updated 2 months ago
• wolfcod / lsassdump
  lsassdump via RtlCreateProcessReflection and NanoDump
  ☆82Updated 6 months ago
• Teach2Breach / pool_party_rs
  remote process injections using pool party techniques
  ☆59Updated 2 months ago
• safedv / GPOAnalyzer
  GPOAnalyzer is a tool designed to assist in parsing domain Group Policy Object (GPO) files located in the SYSVOL directory.
  ☆27Updated 10 months ago
• ricardojoserf / NativeTokenImpersonate
  Impersonate Tokens using only NTAPI functions
  ☆70Updated last month
• passthehashbrowns / Being-A-Good-CLR-Host
  ☆57Updated 3 months ago
• EricEsquivel / OpsLoader
  A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader
  ☆35Updated 7 months ago
• rasta-mouse / KerbApp
  ☆28Updated 11 months ago
• grayhatkiller / SharpExShell
  SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.
  ☆70Updated last year