Alternatives and similar repositories for stealthInjector

Users that are interested in stealthInjector are comparing it to the libraries listed below

• aaaddress1 / xlsKami

  View on GitHub
  Out-of-the-Box Tool to Obfuscate Excel XLS. Include Obfuscation & Hide for Cell Labels & BoundSheets
  ☆48Aug 4, 2021Updated 4 years ago
• S3cur3Th1sSh1t / SyscallAmsiScanBufferBypass

  View on GitHub
  AmsiScanBufferBypass using D/Invoke
  ☆136Jun 17, 2021Updated 4 years ago
• mobdk / Sigma

  View on GitHub
  Execute shellcode with ZwCreateSection, ZwMapViewOfSection, ZwOpenProcess, ZwMapViewOfSection and ZwCreateThreadEx
  ☆15Apr 26, 2021Updated 4 years ago
• Aetsu / SLib

  View on GitHub
  SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#
  ☆66Aug 29, 2023Updated 2 years ago
• rsmudge / unhook-bof

  View on GitHub
  Remove API hooks from a Beacon process.
  ☆283Sep 18, 2021Updated 4 years ago
• ChoiSG / UuidShellcodeExec

  View on GitHub
  PoC for UUID shellcode execution using DInvoke
  ☆155Mar 8, 2021Updated 4 years ago
• IonizeCbr / AmsiPatchDetection

  View on GitHub
  ☆21Jan 28, 2020Updated 6 years ago
• fashionproof / CheckSafeBoot

  View on GitHub
  I used this to see if an EDR is running in Safe Mode
  ☆36Feb 13, 2021Updated 5 years ago
• Paulo-D2000 / ShellCodeObfuscator

  View on GitHub
  Simple shellcode obfuscator using PYTHON and C / C++
  ☆74Jun 17, 2020Updated 5 years ago
• khchen / memlib

  View on GitHub
  Load Windows DLL from memory
  ☆136Mar 28, 2023Updated 2 years ago
• STMCyber / boobsnail

  View on GitHub
  BoobSnail allows generating Excel 4.0 XLM macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation.
  ☆259Mar 6, 2025Updated 11 months ago
• bigb0sss / Bankai

  View on GitHub
  Another Go Shellcode Loader using Windows APIs
  ☆141Nov 4, 2021Updated 4 years ago
• moloch-- / DarkLoadLibrary

  View on GitHub
  LoadLibrary for offensive operations
  ☆33Dec 14, 2021Updated 4 years ago
• BinaryScary / NET-Obfuscate

  View on GitHub
  Obfuscate ECMA CIL (.NET IL) assemblies to evade Windows Defender AMSI
  ☆239Jun 9, 2023Updated 2 years ago
• bats3c / DefensiveInjector

  View on GitHub
  Shellcode injector using direct syscalls
  ☆123Aug 17, 2020Updated 5 years ago
• SolomonSklash / SleepyCrypt

  View on GitHub
  A shellcode function to encrypt a running process image when sleeping.
  ☆340Sep 11, 2021Updated 4 years ago
• RedSection / OffensivePH

  View on GitHub
  OffensivePH - use old Process Hacker driver to bypass several user-mode access controls
  ☆334Oct 9, 2021Updated 4 years ago
• klezVirus / CandyPotato

  View on GitHub
  Pure C++, weaponized, fully automated implementation of RottenPotatoNG
  ☆313Sep 16, 2021Updated 4 years ago
• OG-Sadpanda / SharpSword

  View on GitHub
  Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly
  ☆117Sep 30, 2024Updated last year
• TomOS3 / UserModeUnhooking

  View on GitHub
  This project is created for research into antivirus evasion by unhooking.
  ☆18Sep 2, 2021Updated 4 years ago
• hack2fun / EventLogBypass

  View on GitHub
  Terminate the eventlog thread to disable the windows eventlog
  ☆21Apr 1, 2020Updated 5 years ago
• Apr4h / GetInjectedThreads

  View on GitHub
  C# Implementation of Jared Atkinson's Get-InjectedThread.ps1
  ☆54Jul 11, 2021Updated 4 years ago
• Cobalt-Strike / beacon_health_check

  View on GitHub
  This aggressor script uses a beacon's note field to indicate the health status of a beacon.
  ☆141Sep 29, 2021Updated 4 years ago
• rvrsh3ll / RuralBishop

  View on GitHub
  D/Invoke port of UrbanBishop
  ☆30Dec 13, 2020Updated 5 years ago
• Barbarisch / forkatz

  View on GitHub
  credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege
  ☆123May 22, 2021Updated 4 years ago
• immunIT / TeamsUserEnum

  View on GitHub
  User enumeration with Microsoft Teams API
  ☆175Jul 9, 2021Updated 4 years ago
• pwn1sher / CS-BOFs

  View on GitHub
  Collection of CobaltStrike beacon object files
  ☆105Feb 14, 2022Updated 3 years ago
• G0ldenGunSec / SharpTransactedLoad

  View on GitHub
  Load .net assemblies from memory while having them appear to be loaded from an on-disk location.
  ☆173May 5, 2021Updated 4 years ago
• optiv / Dent

  View on GitHub
  A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.
  ☆297Aug 18, 2023Updated 2 years ago
• ByteJunkies-co-uk / Metsubushi

  View on GitHub
  Generate droppers with encrypted payloads automatically.
  ☆54Nov 16, 2021Updated 4 years ago
• joshfaust / Simple-Loader

  View on GitHub
  Windows Defender ShellCode Execution Bypass
  ☆129Dec 2, 2019Updated 6 years ago
• moloch-- / denim

  View on GitHub
  Automated compiler obfuscation for nim
  ☆140Jun 27, 2022Updated 3 years ago
• boku7 / HOLLOW

  View on GitHub
  EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and e…
  ☆292Mar 8, 2023Updated 2 years ago
• rxwx / cs-rdll-ipc-example

  View on GitHub
  Example code for using named pipe output with beacon ReflectiveDLLs
  ☆121Jun 24, 2020Updated 5 years ago
• rookuu / BOFs

  View on GitHub
  Collection of beacon object files for use with Cobalt Strike to facilitate 🐚.
  ☆185Feb 11, 2021Updated 5 years ago
• panagioto / SyscallHide

  View on GitHub
  Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.
  ☆79Feb 27, 2020Updated 5 years ago
• checkymander / Carbuncle

  View on GitHub
  Tool for interacting with outlook interop during red team engagements
  ☆146Jun 29, 2021Updated 4 years ago
• Yaxser / COFFLoader2

  View on GitHub
  Load and execute COFF files and Cobalt Strike BOFs in-memory
  ☆226Sep 13, 2022Updated 3 years ago
• ch3rn0byl / HookedRDP

  View on GitHub
  ☆52Dec 11, 2019Updated 6 years ago