Alternatives and similar repositories for Invoke-RunAsSystem

Users that are interested in Invoke-RunAsSystem are comparing it to the libraries listed below

• Tylous / Ivy
  Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …
  ☆24Updated 2 years ago
• deepinstinct / VSTO-POC
  A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously
  ☆31Updated 2 years ago
• reznok / MemoryLoader
  A .NET binary loader that bypasses AMSI
  ☆45Updated 4 years ago
• eversinc33 / UnXorStringsNet
  Deobfuscation of XorStringsNet
  ☆14Updated 11 months ago
• G0ldenGunSec / DayBird
  Extension functionality for the NightHawk operator client
  ☆26Updated last year
• GetRektBoy724 / ReversePowernoid
  Reverse TCP Powershell has never been this paranoid. (basically an Opsec-safe reverse powershell)
  ☆30Updated 3 years ago
• pracsec / AmsiScanner
  A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.
  ☆67Updated 2 years ago
• d1rkmtrr / PSpersist
  Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell pro…
  ☆84Updated 2 years ago
• MaorSabag / Paruns-Fart
  Just another ntdll unhooking using Parun's Fart technique
  ☆75Updated 2 years ago
• mgeeky / CustomXMLPart
  A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.
  ☆39Updated 3 years ago
• netbiosX / GhostLoader
  GhostLoader - AppDomainManager - Injection - 攻壳机动队
  ☆52Updated 5 years ago
• Octoberfest7 / Cohab_Processes
  A small Aggressor script to help Red Teams identify foreign processes on a host machine
  ☆84Updated 2 years ago
• outflanknl / RedELK-workshop
  Items related to the RedELK workshop given at security conferences
  ☆29Updated 2 years ago
• rbmm / SDD
  Self Delete DLL
  ☆23Updated last year
• Offensive-Panda / C2_Elevated_Shell_DLL_Hijcking
  DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…
  ☆44Updated last year
• improsec / CaddyStager
  ☆39Updated 3 years ago
• jfjallid / go-lsass
  Tool to aid in dumping LSASS process remotely
  ☆41Updated last month
• Tylous / Dent
  A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.
  ☆15Updated 2 years ago
• Bl4ckM1rror / PEAs
  ☆60Updated last year
• theart42 / Sharpcat
  A port of classic netcat to C#
  ☆32Updated 2 years ago
• ps1337 / Lastenzug
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆26Updated 3 years ago
• m8sec / EAPrimer
  C# project to Reflectively load .Net assemblies in memory
  ☆18Updated last year
• 0xe7 / PowerSploit
  PowerSploit - A PowerShell Post-Exploitation Framework
  ☆42Updated 7 months ago
• S3cur3Th1sSh1t / SharpUnhooker
  C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll,kernel32.dll,user32.dll,and kernelbase.dll)
  ☆25Updated 2 years ago
• VirtualAlllocEx / DSC_SVC_REMOTE
  This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…
  ☆55Updated 2 years ago
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆30Updated last year
• RedSiege / What-The-F
  This repo hosts a poc of how to execute F# code within an unmanaged process
  ☆69Updated last year
• bitsadmin / dir2json
  Tool for efficient directory enumeration
  ☆65Updated last year
• LethalSnake1337 / PE-Loader-exercise
  A simple PE loader.
  ☆27Updated 2 years ago
• t3hbb / citrixphishlet
  Citrix Phishlet
  ☆24Updated 4 years ago