Alternatives and similar repositories for HollowGhost:

Users that are interested in HollowGhost are comparing it to the libraries listed below

• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆60Updated 9 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆73Updated 7 months ago
• p4p1 / havoc-privkit
  a port of privkit bof for havoc
  ☆23Updated last year
• ZERODETECTION / MSC_Dropper
  ☆148Updated 8 months ago
• Ghost53574 / havoc_profile_generator
  Havoc C2 profile generator
  ☆74Updated 5 months ago
• NtDallas / Draugr
  BOF with Synthetic Stackframe
  ☆137Updated last month
• 0xNinjaCyclone / PowerLoad3r
  Malicious powershell scripts loader designed to avoid detection.
  ☆50Updated last year
• som3canadian / Cloudflare-Redirector
  Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.
  ☆150Updated 3 weeks ago
• cpu0x00 / SharpReflectivePEInjection
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆151Updated last year
• voidvxvt / HellBunny
  Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
  ☆98Updated 3 months ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated 9 months ago
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated last year
• 0xHossam / HuffLoader
  Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.
  ☆107Updated last year
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆47Updated 10 months ago
• SaadAhla / D1rkInject
  Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…
  ☆177Updated last year
• sscoconutree / demontime
  Heavily obfuscated PowerShell reverse shell that can bypass Windows Defender
  ☆17Updated 3 months ago
• Maldev-Academy / GhostlyHollowingViaTamperedSyscalls
  Implementing the ghostly hollowing PE injection technique using tampered syscalls.
  ☆140Updated 3 weeks ago
• c2pain / RustPatchlessCLRLoader
  .NET assembly loader with patchless AMSI and ETW bypass in Rust
  ☆43Updated 5 months ago
• rbmm / SC_DEMO
  ☆111Updated 3 weeks ago
• 0prrr / Malwear-Sweet
  Malware?
  ☆69Updated 5 months ago
• vxCrypt0r / AMSI_VEH
  A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…
  ☆158Updated 10 months ago
• NtDallas / Ulfberht
  Shellcode loader
  ☆78Updated 4 months ago
• netero1010 / SCCMVNC
  A tool to modify SCCM remote control settings on the client machine, enabling remote control without permission prompts or notifications.…
  ☆85Updated 5 months ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆90Updated 9 months ago
• sexyiam / UAC-Bypass
  UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.
  ☆46Updated 10 months ago
• boku7 / patchwerk
  BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)
  ☆171Updated last month
• 0xNinjaCyclone / EarlyCascade
  A PoC for Early Cascade process injection technique.
  ☆174Updated 2 months ago
• reveng007 / ReflectiveNtdll
  A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…
  ☆171Updated 2 years ago
• MaorSabag / SideLoadingDLL
  Do some DLL SideLoading magic
  ☆80Updated last year
• Ximoxkil547 / undetectableRevShell
  This repo is for the youtube video where we have explained how to make a detectable reverse shell undetectable by windows defender
  ☆26Updated last year