Alternatives and similar repositories for Windows-Exploitation

Users that are interested in Windows-Exploitation are comparing it to the libraries listed below

• ASP4RUX / bypassEDR-AV
  ☆57Updated 7 months ago
• Primusinterp / PrimusC2
  A C2 framework built for my bachelors thesis
  ☆55Updated 7 months ago
• 0xEr3bus / ShadowForgeC2
  ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.
  ☆47Updated last year
• 0xAbdullah / Offensive-Snippets
  A repository with my code snippets for research/education purposes.
  ☆50Updated last year
• smokeme / ansible-havoc
  Scripts I use to deploy Havoc on Linode and setup categorization and SSL
  ☆40Updated last year
• matro7sh / matro7sh_loaders
  this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)
  ☆83Updated last year
• aress31 / clm-rout
  A C# program featuring an all-in-one bypass for CLM, AppLocker and AMSI using Runspace.
  ☆19Updated 2 years ago
• vulnableone / BypassX
  The Swiss army knife of evasion tool that bypasses AMSI, Applocker, and CLM mode simultaneously.
  ☆28Updated last year
• Leo4j / ShellGen
  PowerShell script to generate ShellCode in various formats
  ☆42Updated 9 months ago
• fanbyprinciple / bin2shellcode
  .bin file to shellcode convertor
  ☆38Updated 11 months ago
• smokeme / PDFator
  ☆27Updated 2 years ago
• Ximoxkil547 / undetectableRevShell
  This repo is for the youtube video where we have explained how to make a detectable reverse shell undetectable by windows defender
  ☆26Updated last year
• brosck / L1LKiller
  「⚠️」Performing a BYOVD on the truesight.sys driver
  ☆36Updated 6 months ago
• BlackShell256 / ShellGo
  Simple Shellcode Loader tool
  ☆26Updated last year
• n0tspam / RunspaceLoader
  Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe
  ☆13Updated last year
• x4sh3s / AMSI_Lines
  Bypass AMSI By Dividing files into multiple smaller files
  ☆45Updated 2 years ago
• overgrowncarrot1 / SMB_Killer
  Used to get NTLMv2 Hashes from SMB
  ☆14Updated 8 months ago
• 0xNinjaCyclone / PowerLoad3r
  Malicious powershell scripts loader designed to avoid detection.
  ☆50Updated 2 years ago
• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆30Updated last year
• lleon1435 / BypassAV
  This map lists the essential techniques to bypass anti-virus and EDR
  ☆15Updated last year
• seriotonctf / Red-Team-Notes
  ☆42Updated this week
• trevorsaudi / Zero-Import-Malware
  Small project looking into how we can build malware with zero-imports by dynamically resolving windows APIs using GetProcAddress and GetM…
  ☆39Updated last year
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆58Updated 10 months ago
• RWXstoned / GimmeShelter
  Situational Awareness script to identify how and where to run implants
  ☆52Updated 6 months ago
• 808ale / NetRunners
  Reflective shellcode runners using obfuscated Win32 APIs in C# and C++ (GetProcAddress & GetModuleHandle). For penetration testing.
  ☆12Updated last month
• snovvcrash / exfiltrate
  exfiltration/infiltration toolkit
  ☆23Updated last year
• susMdT / SharpAgent
  C# havoc implant
  ☆100Updated 2 years ago
• ELMERIKH / PyinMemoryPE
  execute PE in memory Filelessly
  ☆43Updated 4 months ago
• The-Viper-One / Invoke-RDPThief
  Inject RDPThief into memory with PowerShell.
  ☆64Updated 5 months ago
• foxlox / hypobrychium
  Duplicate not owned Token from Running Process
  ☆72Updated last year