Alternatives and similar repositories for PowerCrypt

Users that are interested in PowerCrypt are comparing it to the libraries listed below

• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆103Updated 9 months ago
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆91Updated 9 months ago
• almounah / go-buena-clr
  Good CLR Host with Native patchless AMSI Bypass
  ☆101Updated 9 months ago
• 0xNinjaCyclone / AsmLdr
  Dynamic shellcode loader with sophisticated evasion capabilities
  ☆282Updated 4 months ago
• tehstoni / tryharder
  C++ Staged Shellcode Loader with Evasion capabilities.
  ☆97Updated last year
• EvilBytecode / EByte-Ransomware
  Go ransomware leveraging ChaCha20 and ECIES encryption with a web-based control panel.
  ☆46Updated 9 months ago
• Maldev-Academy / AlphabeticalPolyShellGen
  Generate an Alphabetical Polymorphic Shellcode
  ☆135Updated 5 months ago
• oh-az / NoArgs
  NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…
  ☆155Updated last year
• 0xsch1zo / NullGate
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆165Updated 6 months ago
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆51Updated last year
• MzHmO / Parasite-Invoke
  Hide your P/Invoke signatures through other people's signed assemblies
  ☆211Updated last year
• brosck / Reaper
  「💀」Proof of concept on BYOVD attack
  ☆165Updated last year
• ph4nt0mbyt3 / Darkside
  C# AV/EDR Killer using less-known driver (BYOVD)
  ☆183Updated 2 years ago
• netero1010 / SCCMVNC
  A tool to modify SCCM remote control settings on the client machine, enabling remote control without permission prompts or notifications.…
  ☆115Updated last year
• brosck / L1LKiller
  「⚠️」Performing a BYOVD on the truesight.sys driver
  ☆44Updated last year
• ricardojoserf / NativeBypassCredGuard
  Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
  ☆265Updated 10 months ago
• cybersectroll / TrollUAC
  ☆144Updated last year
• Offensive-Panda / DefenseEvasionTechniques
  This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…
  ☆138Updated 8 months ago
• DarkSpaceSecurity / RunAs-Stealer
  RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging
  ☆203Updated 11 months ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆101Updated last year
• vxCrypt0r / AMSI_VEH
  A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…
  ☆167Updated last year
• gatariee / Winton
  Command and Control (C2) framework
  ☆132Updated 8 months ago
• paranoidninja / BRC4-BOF-Artillery
  ☆145Updated 3 months ago
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆103Updated 10 months ago
• MzHmO / DebugAmsi
  DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.
  ☆102Updated 2 years ago
• itaymigdal / PichichiH0ll0wer
  Nim process hollowing loader
  ☆62Updated 6 months ago
• xM0kht4r / AV-EDR-Killer
  AV/EDR processes termination by exploiting a vulnerable driver (BYOVD)
  ☆208Updated 2 weeks ago
• rad9800 / FileRenameJunctionsEDRDisable
  ☆159Updated last year
• rubenformation / ms-photos_NTLM_Leak
  New 0 day vulnerability allowing to leak NTLM hashes from browsers with one click
  ☆206Updated 2 months ago
• almounah / superdeye
  Indirect Syscall with TartarusGate Approach in Go
  ☆134Updated 7 months ago