Alternatives and similar repositories for Bin-Finder:

Users that are interested in Bin-Finder are comparing it to the libraries listed below

• zblurx / impersonate-rs
  Rusty Impersonate
  ☆95Updated last year
• gsmith257-cyber / better-sliver
  Adversary Emulation Framework
  ☆98Updated 9 months ago
• mansk1es / GhostFart
  ☆136Updated last year
• rad9800 / FileRenameJunctionsEDRDisable
  ☆154Updated 4 months ago
• rasta-mouse / PPEnum
  Simple BOF to read the protection level of a process
  ☆114Updated last year
• flostyen / windows-persistence
  Windows Persistence IT-Security
  ☆97Updated 2 months ago
• zimnyaa / noWatch
  Implant drop-in for EDR testing
  ☆138Updated last year
• ZERODETECTION / MSC_Dropper
  ☆154Updated 9 months ago
• Octoberfest7 / BeatRev
  POC for frustrating/defeating Malware Analysts
  ☆154Updated 2 years ago
• safedv / RustVEHSyscalls
  A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.
  ☆143Updated 6 months ago
• naksyn / ModuleShifting
  Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…
  ☆116Updated last year
• naksyn / ProcessStomping
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆148Updated last year
• thiagopeixoto / massayo
  Massayo is a small proof-of-concept Rust library which removes AV/EDR hooks in a given system DLL
  ☆65Updated 2 years ago
• paranoidninja / Cobaltstrike-Detection
  This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared
  ☆89Updated last year
• ipSlav / DirtyCLR
  An App Domain Manager Injection DLL PoC on steroids
  ☆171Updated last year
• xforcered / Being-A-Good-CLR-Host
  ☆105Updated 3 months ago
• MaorSabag / SideLoadingDLL
  Do some DLL SideLoading magic
  ☆84Updated last year
• Octoberfest7 / Enumprotections_BOF
  A BOF to enumerate system process, their protection levels, and more.
  ☆116Updated 5 months ago
• kozmer / aad-bofs
  AzureAD beacon object files
  ☆118Updated 4 months ago
• x42en / sysplant
  Your syscall factory
  ☆121Updated 2 months ago
• rasta-mouse / process-inject-kit
  Port of Cobalt Strike's Process Inject Kit
  ☆175Updated 5 months ago
• ScriptIdiot / SysmonQuiet
  RDLL for Cobalt Strike beacon to silence sysmon process
  ☆88Updated 2 years ago
• Helixo32 / SimpleEDR
  Simple EDR that injects a DLL into a process to place a hook on specific Windows API
  ☆91Updated last year
• Octoberfest7 / enumhandles_BOF
  ☆126Updated 8 months ago
• nettitude / Tartarus-TpAllocInject
  ☆184Updated last year
• passthehashbrowns / BOFMask
  ☆122Updated last year
• trustedsec / DitExplorer
  Tool for viewing NTDS.dit
  ☆161Updated last month
• iamagarre / BadExclusionsNWBO
  BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR
  ☆76Updated last year
• klezVirus / NimlineWhispers3
  A tool for converting SysWhispers3 syscalls for use with Nim projects
  ☆146Updated 2 years ago
• klezVirus / RpcProxyInvoke
  Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar
  ☆130Updated 8 months ago