Alternatives and similar repositories for Shelter

Users that are interested in Shelter are comparing it to the libraries listed below

• Kudaes / Unwinder

  View on GitHub
  Call stack spoofing for Rust
  ☆356Feb 7, 2025Updated last year
• BlackSnufkin / NovaLdr

  View on GitHub
  Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
  ☆259Jun 29, 2024Updated last year
• JanielDary / ImmoralFiber

  View on GitHub
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆280Sep 18, 2024Updated last year
• 0xEr3bus / PoolPartyBof

  View on GitHub
  A beacon object file implementation of PoolParty Process Injection Technique.
  ☆432Dec 21, 2023Updated 2 years ago
• Kudaes / DInvoke_rs

  View on GitHub
  Dynamically invoke arbitrary unmanaged code
  ☆358Nov 20, 2024Updated last year
• itm4n / PPLrevenant

  View on GitHub
  Bypass LSA protection using the BYODLL technique
  ☆171Sep 21, 2024Updated last year
• VoldeSec / PatchlessCLRLoader

  View on GitHub
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆366Apr 19, 2023Updated 2 years ago
• janoglezcampos / rust_syscalls

  View on GitHub
  Single stub direct and indirect syscalling with runtime SSN resolving for windows.
  ☆230Mar 23, 2023Updated 2 years ago
• icyguider / UAC-BOF-Bonanza

  View on GitHub
  Collection of UAC Bypass Techniques Weaponized as BOFs
  ☆603Feb 21, 2024Updated last year
• MalwareTech / EDR-Preloader

  View on GitHub
  An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
  ☆539Feb 13, 2024Updated 2 years ago
• NtDallas / KrakenMask

  View on GitHub
  Sleep obfuscation
  ☆265Dec 13, 2024Updated last year
• netero1010 / GhostTask

  View on GitHub
  A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
  ☆609Jan 2, 2025Updated last year
• Kudaes / Fiber

  View on GitHub
  Using fibers to run in-memory code.
  ☆240Oct 19, 2023Updated 2 years ago
• hakaioffsec / coffee

  View on GitHub
  A COFF loader made in Rust
  ☆327Aug 20, 2025Updated 5 months ago
• senzee1984 / InflativeLoading

  View on GitHub
  Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.
  ☆325Apr 12, 2024Updated last year
• Kudaes / ADPT

  View on GitHub
  DLL proxying for lazy people
  ☆198Dec 1, 2025Updated 2 months ago
• pard0p / CallstackSpoofingPOC

  View on GitHub
  C++ self-Injecting dropper based on various EDR evasion techniques.
  ☆425Feb 11, 2024Updated 2 years ago
• fortra / No-Consolation

  View on GitHub
  A BOF that runs unmanaged PEs inline
  ☆678Oct 23, 2024Updated last year
• reveng007 / DarkWidow

  View on GitHub
  Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
  ☆772Jan 26, 2026Updated 2 weeks ago
• joaoviictorti / uwd

  View on GitHub
  Call Stack Spoofing for Rust
  ☆210Jan 28, 2026Updated 2 weeks ago
• Kudaes / EPI

  View on GitHub
  Threadless Process Injection through entry point hijacking
  ☆351Sep 10, 2024Updated last year
• Tw1sm / SQL-BOF

  View on GitHub
  Library of BOFs to interact with SQL servers
  ☆222Dec 3, 2025Updated 2 months ago
• janoglezcampos / llvm-yx-callobfuscator

  View on GitHub
  LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
  ☆321Jan 17, 2024Updated 2 years ago
• Nariod / RustPacker

  View on GitHub
  Template-based shellcode packer written in Rust, with indirect syscall support. Made with <3 for pentesters.
  ☆318Jun 24, 2025Updated 7 months ago
• BlackSnufkin / NyxInvoke

  View on GitHub
  NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…
  ☆231Feb 12, 2025Updated last year
• klezVirus / SilentMoonwalk

  View on GitHub
  PoC Implementation of a fully dynamic call stack spoofer
  ☆901Jul 20, 2024Updated last year
• yamakadi / clroxide

  View on GitHub
  A rust library that allows you to host the CLR and execute dotnet binaries.
  ☆235Mar 12, 2025Updated 11 months ago
• susMdT / LoudSunRun

  View on GitHub
  Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven
  ☆254Oct 16, 2024Updated last year
• ElliotKillick / LdrLockLiberator

  View on GitHub
  For when DLLMain is the only way
  ☆423Oct 29, 2024Updated last year
• kleiton0x00 / Proxy-DLL-Loads

  View on GitHub
  A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
  ☆408Jan 11, 2026Updated last month
• CCob / ThreadlessInject

  View on GitHub
  Threadless Process Injection using remote function hooking.
  ☆808Sep 4, 2024Updated last year
• SafeBreach-Labs / PoolParty

  View on GitHub
  A set of fully-undetectable process injection techniques abusing Windows Thread Pools
  ☆1,243Dec 11, 2023Updated 2 years ago
• kyleavery / pendulum

  View on GitHub
  Linux Sleep Obfuscation
  ☆107Jan 7, 2024Updated 2 years ago
• MalwareTech / EDRception

  View on GitHub
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆202Dec 27, 2023Updated 2 years ago
• RedSiege / GraphStrike

  View on GitHub
  Cobalt Strike HTTPS beaconing over Microsoft Graph API
  ☆621Jun 25, 2024Updated last year
• Teach2Breach / moonwalk

  View on GitHub
  find dll base addresses without PEB WALK
  ☆157Jul 13, 2025Updated 7 months ago
• trickster0 / NamelessC2

  View on GitHub
  Nameless C2 - A C2 with all its components written in Rust
  ☆282Sep 26, 2024Updated last year
• joaoviictorti / rustclr

  View on GitHub
  Host CLR and run .NET binaries using Rust
  ☆149Dec 23, 2025Updated last month
• WKL-Sec / LayeredSyscall

  View on GitHub
  Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …
  ☆296Jul 31, 2024Updated last year