Advanced In-Memory PowerShell Process Injection Framework
☆74Jul 16, 2025Updated 10 months ago
Alternatives and similar repositories for PhantomInjector
Users that are interested in PhantomInjector are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆16Jan 9, 2025Updated last year
- SharpCoercer is a .NET 4.8 C# tool that leverages 16 different RPC-based coercion methods to force remote Windows hosts to authenticate t…☆58Jul 13, 2025Updated 10 months ago
- Powershell and python utilties for Entra Connect☆29Jun 5, 2025Updated 11 months ago
- A stealthier approach to WMI-based command execution using Impacket without touching the disk.☆83Mar 15, 2026Updated 2 months ago
- SAM Dumping in C#☆55Nov 27, 2025Updated 5 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- custom impacket mssqlclient☆26Sep 16, 2023Updated 2 years ago
- Client-side Encrypted Upload Server Python Script☆67Jul 10, 2025Updated 10 months ago
- Sh3ller is a lightweight C2 framework in its simplest form.☆33Sep 5, 2025Updated 8 months ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆238Feb 12, 2025Updated last year
- BOF to terminate a process via PID as argument☆28Sep 7, 2025Updated 8 months ago
- Stage 0☆169Dec 18, 2024Updated last year
- Cobalt Strike Aggressor Script for identifying security products on Windows hosts — six enumeration methods rated by noise level, from si…☆47Feb 6, 2026Updated 3 months ago
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆92Jan 8, 2025Updated last year
- A nim port of C5pider's Ekko project.☆18Oct 1, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Ludus role for deploying a Mythic Teamserver onto Linux servers☆23Mar 16, 2025Updated last year
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆75May 1, 2024Updated 2 years ago
- Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel☆64Apr 13, 2025Updated last year
- SMB deny-share handle research tool. Lock files on an enterprise share with zero writes, zero encryption, and zero alerts in any behavior…☆129May 15, 2026Updated last week
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai…☆81Oct 27, 2025Updated 6 months ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆25Jul 5, 2023Updated 2 years ago
- rust port of pspy with support for process monitoring over dbus☆37Jan 4, 2026Updated 4 months ago
- Python C2 with JScript Implant☆15Nov 15, 2023Updated 2 years ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Jan 25, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Retrieve and display information about active user sessions on remote computers. No admin privileges required.☆207Aug 12, 2024Updated last year
- A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA …☆168Nov 2, 2025Updated 6 months ago
- Interract with Microsoft SQL Server (MS SQL | MSSQL) servers and their linked instances in restricted environments, without the need for …☆64Updated this week
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆130Jan 17, 2026Updated 4 months ago
- ☆26Aug 11, 2025Updated 9 months ago
- A Ligolo-ng JavaScript agent working inside Chrome & Chromium-based browsers by leveraging Isolated Web Applications.☆127Mar 30, 2026Updated last month
- A Beacon Object File suite for Microsoft SQL Server that speaks TDS 7.4 on the wire itself☆96Apr 9, 2026Updated last month
- Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …☆231Oct 6, 2024Updated last year
- ☆52Mar 30, 2026Updated last month
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Automated Pass-the-Ticket (PtT) attack. Standalone alternative to Rubeus and Mimikatz for this attack. Implemented in C#, C++, Crystal, P…☆133Feb 17, 2026Updated 3 months ago
- Code execution/injection technique using DLL PEB module structure manipulation☆229Jun 4, 2025Updated 11 months ago
- ☆31Jul 26, 2024Updated last year
- Linux CS bypass technique☆33Feb 4, 2025Updated last year
- Implementing Ghostly-Hollowing using tampered syscalls for remote PE injection☆76Dec 26, 2025Updated 4 months ago
- Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy☆170Nov 17, 2025Updated 6 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆217Oct 19, 2024Updated last year