Alternatives and similar repositories for Soviet-Thief

Users that are interested in Soviet-Thief are comparing it to the libraries listed below

• ntdll0 / HVNC
  My POC implementation of HVNC (Hidden VNC / Hidden Desktop)
  ☆25Updated 6 months ago
• Goodies365 / YandexDecrypt
  Decrypting yandex browser passwords
  ☆23Updated 3 months ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆90Updated last year
• x86byte / LummaC2-Stealer
  LummaC2 extracted binaries by reversing & LummaC2 Stealer Analysis
  ☆70Updated 5 months ago
• SilentDev33 / ChromeAppBound-key-injection
  Retrieve the Chrome App Bound key using DLL injection — no administrator privileges required and no need to run from the chrome folder in…
  ☆31Updated 2 months ago
• ngn13 / shrk
  LKM rootkit for modern kernels, with DNS C2 and a simple web interface
  ☆72Updated last week
• 0xPrimo / KMDllInjector
  kernel-mode DLL Injector
  ☆92Updated 2 months ago
• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆73Updated last year
• vxCrypt0r / AMSI_VEH
  A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…
  ☆161Updated last year
• S12cybersecurity / NinjaInjector
  Classic Process Injection with Memory Evasion Techniques implemantation
  ☆70Updated last year
• Maldev-Academy / GhostlyHollowingViaTamperedSyscalls
  Implementing the ghostly hollowing PE injection technique using tampered syscalls.
  ☆166Updated 4 months ago
• EvilBytecode / Sryxen-Stealer-Paid-Source
  Stealer in c++.
  ☆42Updated 2 months ago
• Maldev-Academy / LsassHijackingViaReg
  Injecting DLL into LSASS at boot
  ☆129Updated 2 months ago
• itaymigdal / PichichiH0ll0wer
  Nim process hollowing loader
  ☆57Updated 11 months ago
• XaFF-XaFF / CaveCarver
  CaveCarver - PE backdooring tool which utilizes and automates code cave technique
  ☆227Updated 2 years ago
• moom825 / visualstudio-suo-exploit
  This repository is a tool to create a .suo that when run by visual studio's will achieve code execution
  ☆111Updated last year
• KingKDot / PowerCrypt
  The best powershell obfuscator ever made
  ☆108Updated 3 months ago
• SaadAhla / D1rkInject
  Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…
  ☆180Updated last year
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆229Updated 7 months ago
• tehstoni / tryharder
  C++ Staged Shellcode Loader with Evasion capabilities.
  ☆95Updated 9 months ago
• ZeroMemoryEx / URootkit
  simple user-mode Rootkit
  ☆104Updated 2 years ago
• tehstoni / LexiCrypt
  Shellcode encryptor using a substitution cipher with a randomly generated key.
  ☆131Updated 6 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆75Updated 11 months ago
• ZeroMemoryEx / CVE-2025-26125
  (0day) Local Privilege Escalation in IObit Malware Fighter
  ☆142Updated 3 months ago
• akamai / Mirage
  Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
  ☆92Updated 4 months ago
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆72Updated 2 months ago
• itm4n / PPLrevenant
  Bypass LSA protection using the BYODLL technique
  ☆165Updated 9 months ago
• naksyn / DojoLoader
  Generic PE loader for fast prototyping evasion techniques
  ☆233Updated last year
• Intrus1ve / Runpe-ProcessHollowing
  Fud Runpe Av Evasion / All Av Bypass
  ☆33Updated 2 years ago
• brosck / L1LKiller
  「⚠️」Performing a BYOVD on the truesight.sys driver
  ☆38Updated 7 months ago