Alternatives and similar repositories for RustChain

Users that are interested in RustChain are comparing it to the libraries listed below

• Kudaes / Dumpy
  Reuse open handles to dynamically dump LSASS.
  ☆246Updated last year
• tijme / amd-ryzen-master-driver-v17-exploit
  Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).
  ☆145Updated 2 years ago
• eversinc33 / GpuDecryptShellcode
  XOR decrypting shellcode using the GPU with OpenCL.
  ☆100Updated last month
• safedv / Rustic64Shell
  A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.
  ☆71Updated 2 months ago
• 0x00Check / ExploitLeakedHandle
  Identify and exploit leaked handles for local privilege escalation.
  ☆108Updated 2 years ago
• trickster0 / EDR_Detector
  EDR Detector that can find what kind of endpoint solution is being used according to drivers in the system.
  ☆94Updated 3 years ago
• klezVirus / NimlineWhispers3
  A tool for converting SysWhispers3 syscalls for use with Nim projects
  ☆146Updated 3 years ago
• xalicex / Killers
  Exploitation of process killer drivers
  ☆201Updated last year
• djackreuter / rustlualoader
  Shellcode loader that executes embedded Lua from Rust.
  ☆114Updated 6 months ago
• x42en / sysplant
  Your syscall factory
  ☆123Updated last week
• gabriellandau / EDRSandblast-GodFault
  EDRSandblast-GodFault
  ☆266Updated last year
• SaadAhla / D1rkSleep
  Improved version of EKKO by @5pider that Encrypts only Image Sections
  ☆121Updated 2 years ago
• enkomio / BrokenFlow
  A simple PoC to invoke an encrypted shellcode by using an hidden call
  ☆116Updated 2 years ago
• BlackSnufkin / Rusty-Playground
  Some Rust program I wrote while learning Malware Development
  ☆133Updated 4 months ago
• thefLink / Hunt-Weird-Syscalls
  ETW based POC to identify direct and indirect syscalls
  ☆187Updated 2 years ago
• NetSPI / BOF-PE
  An example reference design for a proposed BOF PE
  ☆175Updated 2 months ago
• Kudaes / Bin-Finder
  Detect EDR's exceptions by inspecting processes' loaded modules
  ☆130Updated last year
• SaadAhla / ntdlll-unhooking-collection
  different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)
  ☆194Updated last year
• gatariee / ldrgen
  Template-based generation of shellcode loaders
  ☆77Updated last year
• whokilleddb / exe_who
  Executables on Disk? Bleh 🤮
  ☆100Updated 2 years ago
• Kudaes / CustomEntryPoint
  Select any exported function in a dll as the new dll's entry point.
  ☆80Updated 8 months ago
• LloydLabs / shellcode-plain-sight
  Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak
  ☆205Updated 2 years ago
• florylsk / SignatureGate
  Weaponized HellsGate/SigFlip
  ☆199Updated 2 years ago
• naksyn / ProcessStomping
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆148Updated last year
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆189Updated last year
• WithSecureLabs / TickTock
  ☆111Updated 2 years ago
• kyleavery / TitanLdr
  Cobalt Strike User Defined Reflective Loader (UDRL). Check branches for different functionality.
  ☆146Updated 2 years ago
• fortra / hw-call-stack
  Use hardware breakpoints to spoof the call stack for both syscalls and API calls
  ☆196Updated last year
• reveng007 / AMSI-patches-learned-till-now
  I have documented all of the AMSI patches that I learned till now
  ☆73Updated 3 months ago
• itm4n / PPLrevenant
  Bypass LSA protection using the BYODLL technique
  ☆164Updated 9 months ago