Alternatives and similar repositories for HollowGhost:

Users that are interested in HollowGhost are comparing it to the libraries listed below

• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆56Updated 8 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆73Updated 6 months ago
• ZERODETECTION / MSC_Dropper
  ☆140Updated 7 months ago
• 0xNinjaCyclone / PowerLoad3r
  Malicious powershell scripts loader designed to avoid detection.
  ☆48Updated last year
• Ghost53574 / havoc_profile_generator
  Havoc C2 profile generator
  ☆71Updated 4 months ago
• cpu0x00 / SharpReflectivePEInjection
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆147Updated last year
• S12cybersecurity / NinjaInjector
  Classic Process Injection with Memory Evasion Techniques implemantation
  ☆66Updated last year
• voidvxvt / HellBunny
  Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
  ☆82Updated 2 months ago
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated last year
• SaadAhla / D1rkInject
  Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…
  ☆176Updated last year
• Z4kSec / IoctlHunter
  IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.
  ☆96Updated last year
• som3canadian / Cloudflare-Redirector
  Just another C2 Redirector using CloudFlare.
  ☆87Updated 9 months ago
• Maldev-Academy / GhostlyHollowingViaTamperedSyscalls
  Implementing the ghostly hollowing PE injection technique using tampered syscalls.
  ☆132Updated 9 months ago
• vxCrypt0r / AMSI_VEH
  A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…
  ☆157Updated 9 months ago
• NtDallas / Draugr
  BOF with Synthetic Stackframe
  ☆135Updated last week
• Ximoxkil547 / undetectableRevShell
  This repo is for the youtube video where we have explained how to make a detectable reverse shell undetectable by windows defender
  ☆26Updated 11 months ago
• 0prrr / Malwear-Sweet
  Malware?
  ☆69Updated 4 months ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆61Updated 8 months ago
• p4p1 / havoc-privkit
  a port of privkit bof for havoc
  ☆23Updated last year
• 0xsp-SRD / MDE_Enum
  comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
  ☆194Updated 8 months ago
• Wra7h / SingleDose
  Generate Shellcode Loaders & Injects
  ☆153Updated last year
• reveng007 / ReflectiveNtdll
  A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…
  ☆171Updated 2 years ago
• naksyn / DojoLoader
  Generic PE loader for fast prototyping evasion techniques
  ☆227Updated 8 months ago
• ZeroMemoryEx / IObit-EoP
  (0day) Local Privilege Escalation in IObit Malware Fighter
  ☆115Updated last month
• brosck / Reaper
  「💀」Proof of concept on BYOVD attack
  ☆154Updated 2 months ago
• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆28Updated 11 months ago
• MaorSabag / SideLoadingDLL
  Do some DLL SideLoading magic
  ☆79Updated last year
• SaadAhla / AMSI_patch
  Patching AmsiOpenSession by forcing an error branching
  ☆143Updated last year
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆46Updated 9 months ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆86Updated 8 months ago