Alternatives and similar repositories for ServerlessRedirector:

Users that are interested in ServerlessRedirector are comparing it to the libraries listed below

• ChoiSG / OneDriveUpdaterSideloading
  Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post
  ☆88Updated 2 years ago
• Octoberfest7 / Presentations
  Slide decks and/or materials from conference presentations
  ☆55Updated 2 years ago
• rasta-mouse / PPEnum
  Simple BOF to read the protection level of a process
  ☆114Updated last year
• 0xe7 / RoastInTheMiddle
  ☆70Updated last year
• ScriptIdiot / SysmonQuiet
  RDLL for Cobalt Strike beacon to silence sysmon process
  ☆87Updated 2 years ago
• mgeeky / msi-shenanigans
  Proof of Concept code and samples presenting emerging threat of MSI installer files.
  ☆78Updated 2 years ago
• MrAle98 / Sliver-PortBender
  Sliver extension performing TCP redirection tasks without performing cross-process injection.
  ☆62Updated 2 weeks ago
• rasta-mouse / MinHook.NET
  A C# port of the MinHook API hooking library
  ☆50Updated 2 years ago
• wotwot563 / aad_prt_bof
  ☆98Updated 9 months ago
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆86Updated 2 years ago
• dsnezhkov / shutter
  ☆111Updated 3 years ago
• Dramelac / GoldenCopy
  Copy the properties and groups of a user from neo4j (bloodhound) to create an identical golden ticket.
  ☆83Updated 8 months ago
• x4sh3s / AMSI_Lines
  Bypass AMSI By Dividing files into multiple smaller files
  ☆45Updated 2 years ago
• EspressoCake / Process_Protection_Level_BOF
  ☆54Updated 3 years ago
• rkbennett / pybof
  Python module for running BOFs
  ☆64Updated last year
• waawaa / AMSI_Rubeus_bypass
  ☆61Updated 2 years ago
• Crypt0s / DelegationBOF
  ☆139Updated 2 years ago
• S4ntiagoP / donut
  Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…
  ☆111Updated last year
• Wh04m1001 / DiagTrackEoP
  ☆89Updated 2 years ago
• NotMedic / Invoke-Nanodump
  HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection
  ☆53Updated 2 years ago
• mlcsec / ASRenum-BOF
  Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations
  ☆144Updated 10 months ago
• kymb0 / Stealth_shellcode_runners
  ☆55Updated 10 months ago
• morRubin / NegoExRelay
  ☆83Updated 2 years ago
• leftp / DPAPISnoop
  A C# tool to output crackable DPAPI hashes from user MasterKeys
  ☆132Updated 4 months ago
• RedSiege / What-The-F
  This repo hosts a poc of how to execute F# code within an unmanaged process
  ☆66Updated 7 months ago
• bohops / DynamicDotNet
  A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
  ☆139Updated 8 months ago
• t94j0 / adexplorersnapshot-rs
  ☆74Updated 6 months ago
• powerseb / PowerExtract
  ☆113Updated last year
• MayerDaniel / profiler-lateral-movement
  Lateral Movement via the .NET Profiler
  ☆77Updated 2 months ago
• RedSiege / RandomScripts
  Scripts for public use that we've randomly written, or have updated from other people's work.
  ☆40Updated 7 months ago