Alternatives and similar repositories for P4wnP1_aloa

Users that are interested in P4wnP1_aloa are comparing it to the libraries listed below

• Offensive-Panda / WPM-MAJIC-ENTRY-POINT-INJECTION

  View on GitHub
  This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…
  ☆18Oct 31, 2024Updated last year
• MaorSabag / impacket-jump

  View on GitHub
  Remote service-staging tool built on Impacket, designed for BOF-style lateral movement workflows that lets you upload custom service load…
  ☆119Dec 7, 2025Updated 2 months ago
• ghostbyt3 / BYOVDFinder

  View on GitHub
  Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.
  ☆75Jul 25, 2025Updated 6 months ago
• temp43487580 / EntraPassTheCert

  View on GitHub
  tool for requesting Entra ID's P2P certificate and authenticating to a remote Entra joinned devices with it
  ☆131Aug 23, 2025Updated 5 months ago
• EvilWhales / ShadowDropper

  View on GitHub
  ShadowDropper is a utility for covertly delivering and executing payloads on a target system.
  ☆26Jul 4, 2025Updated 7 months ago
• 123ojp / VxLAN-Scanner

  View on GitHub
  This is a VxLAN PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion
  ☆28Jul 21, 2025Updated 6 months ago
• Fudgedotdotdot / nimpersonate

  View on GitHub
  Impersonate Windows tokens in Nim
  ☆23Aug 4, 2025Updated 6 months ago
• garrettfoster13 / scomhunter

  View on GitHub
  ☆31Updated this week
• LazyTitan33 / DomainPasswordSpray

  View on GitHub
  DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…
  ☆13Jul 16, 2025Updated 7 months ago
• grayhatkiller / wambam-bof

  View on GitHub
  ☆47Dec 5, 2025Updated 2 months ago
• Hubbl3 / ThreatCheck

  View on GitHub
  Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.
  ☆11May 17, 2024Updated last year
• professor-moody / scorch

  View on GitHub
  ☆40Dec 24, 2025Updated last month
• samisecure / LsassDumpReflectiveDll

  View on GitHub
  Dump Lsass Memory Using a Reflective Dll
  ☆14Feb 4, 2022Updated 4 years ago
• jfmaes / phisherman

  View on GitHub
  A real fake social engineering app
  ☆130Jul 13, 2025Updated 7 months ago
• myexploit / Hunt

  View on GitHub
  ☆20Nov 5, 2025Updated 3 months ago
• VirtualAlllocEx / CS-EDR-Enumeration

  View on GitHub
  Cobalt Strike Aggressor Script for identifying security products on Windows hosts — six enumeration methods rated by noise level, from si…
  ☆34Feb 6, 2026Updated last week
• Shrfnt77 / AmsiBypass

  View on GitHub
  Bypassing Amsi using LdrLoadDll
  ☆47Jan 8, 2025Updated last year
• garrettfoster13 / mssqlkaren

  View on GitHub
  modified mssqlclient from impacket to extract policies from the SCCM database
  ☆42Nov 4, 2025Updated 3 months ago
• Leo4j / Invoke-ShareHunter

  View on GitHub
  Enumerate the Domain for Readable and Writable Shares
  ☆23Nov 14, 2025Updated 3 months ago
• nickvourd / Responder-Parser

  View on GitHub
  Most Responder's configuration power in your hand.
  ☆53Jan 19, 2025Updated last year
• som3canadian / Mythic_NimSyscallPacker_Wrapper

  View on GitHub
  Mythic C2 wrapper for NimSyscallPacker
  ☆25Mar 12, 2025Updated 11 months ago
• Offensive-Panda / D3MPSEC

  View on GitHub
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆28Sep 18, 2024Updated last year
• captain-woof / malware-study

  View on GitHub
  My projects to understand malware development and detection. Use responsibly. I'm not responsible if you cause unauthorised damage to any…
  ☆111Jun 16, 2025Updated 7 months ago
• RootInj3c / MalDev-Analyzer-MCP

  View on GitHub
  Built for red teamers, by red teamers - an MCP tool for malware development, OPSEC testing, and supporting custom loader design during re…
  ☆43Aug 10, 2025Updated 6 months ago
• D4rthMaulCop / DumpKernel-S1

  View on GitHub
  A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80
  ☆21Apr 2, 2025Updated 10 months ago
• OtterHacker / Hooker

  View on GitHub
  ☆109Oct 29, 2024Updated last year
• LuxNoBulIshit / Smug_Fu3k

  View on GitHub
  ☆53Apr 1, 2022Updated 3 years ago
• dmcxblue / AzureRedirector

  View on GitHub
  A C# project that builds a Web Application which redirects all HTTPS
  ☆26Feb 11, 2025Updated last year
• Ap3x / Panoptes

  View on GitHub
  Panoptes Endpoint Detection and Response Solution
  ☆42Jan 19, 2026Updated 3 weeks ago
• ly4k / Impacket

  View on GitHub
  Modified version of Impacket to use dynamic NTLMv2 Challenge/Response
  ☆20Dec 26, 2022Updated 3 years ago
• V-i-x-x / win11-kernel-execution-syscall-hijack

  View on GitHub
  Executing Kernel Routines via Syscall Table Hijack (Kernel Code Execution)
  ☆57Jun 15, 2025Updated 8 months ago
• amberchalia / fraction_loader

  View on GitHub
  ☆48Oct 14, 2025Updated 4 months ago
• S3cur3Th1sSh1t / Nim_DInvoke

  View on GitHub
  D/Invoke implementation in Nim
  ☆103Jun 8, 2022Updated 3 years ago
• dobin / antniumui

  View on GitHub
  The Web UI for Antnium
  ☆27Jun 14, 2022Updated 3 years ago
• mr-r3b00t / NotProxyShellHunter

  View on GitHub
  Check for NotProxyShell CVE-2022-40140 & CVE-2022-41082
  ☆26Oct 2, 2022Updated 3 years ago
• morRubin / AzureADJoinedMachinePTC

  View on GitHub
  Tool to perform lateral movement between AAD joined devices
  ☆66Jun 8, 2022Updated 3 years ago
• patrickt2017 / VEHNetLoader

  View on GitHub
  Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies
  ☆50Jul 6, 2025Updated 7 months ago
• Nicolas-Arsenault / Havoc-C2-RCE-2024

  View on GitHub
  Abusing SSRF to deliver an authenticated command injection payload
  ☆30Sep 1, 2025Updated 5 months ago
• maxDcb / C2Implant

  View on GitHub
  Windows C++ Implant for Exploration C2
  ☆44Jan 26, 2026Updated 3 weeks ago