Advanced In-Memory PowerShell Process Injection Framework
☆73Jul 16, 2025Updated 7 months ago
Alternatives and similar repositories for PhantomInjector
Users that are interested in PhantomInjector are comparing it to the libraries listed below
Sorting:
- ☆17Jan 9, 2025Updated last year
- SAM Dumping in C#☆54Nov 27, 2025Updated 3 months ago
- Powershell and python utilties for Entra Connect☆28Jun 5, 2025Updated 8 months ago
- SharpCoercer is a .NET 4.8 C# tool that leverages 16 different RPC-based coercion methods to force remote Windows hosts to authenticate t…☆55Jul 13, 2025Updated 7 months ago
- A nim port of C5pider's Ekko project.☆17Oct 1, 2022Updated 3 years ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Jan 25, 2025Updated last year
- Stage 0☆169Dec 18, 2024Updated last year
- Python C2 with JScript Implant☆15Nov 15, 2023Updated 2 years ago
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai…☆76Oct 27, 2025Updated 4 months ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆75May 1, 2024Updated last year
- custom impacket mssqlclient☆26Sep 16, 2023Updated 2 years ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Jul 5, 2023Updated 2 years ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆124Jan 17, 2026Updated last month
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆232Feb 12, 2025Updated last year
- Linux CS bypass technique☆32Feb 4, 2025Updated last year
- BOF to terminate a process via PID as argument☆28Sep 7, 2025Updated 5 months ago
- Ludus role for deploying a Mythic Teamserver onto Linux servers☆23Mar 16, 2025Updated 11 months ago
- Dump Kerberos tickets☆44Aug 4, 2025Updated 6 months ago
- ☆31Jul 26, 2024Updated last year
- Caesar-Cipher based encryption☆29Mar 1, 2021Updated 5 years ago
- ☆38Apr 15, 2025Updated 10 months ago
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆92Jan 8, 2025Updated last year
- Remotely Enumerate sessions using undocumented Windows Station APIs☆117Aug 21, 2024Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆215Oct 19, 2024Updated last year
- Retrieve and display information about active user sessions on remote computers. No admin privileges required.☆206Aug 12, 2024Updated last year
- "Service-less" driver loading☆184Nov 28, 2024Updated last year
- Sh3ller is a lightweight C2 framework in its simplest form.☆31Sep 5, 2025Updated 5 months ago
- Ghosting-AMSI☆225Apr 24, 2025Updated 10 months ago
- A Go implementation of Cobalt Strike style BOF/COFF loaders.☆266Feb 22, 2025Updated last year
- Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel☆59Apr 13, 2025Updated 10 months ago
- ACL Viewer for Windows☆133May 4, 2025Updated 10 months ago
- Code execution/injection technique using DLL PEB module structure manipulation☆221Jun 4, 2025Updated 9 months ago
- ☆53Sep 23, 2025Updated 5 months ago
- A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA …☆163Nov 2, 2025Updated 4 months ago
- LoadLibrary for offensive operations☆33Dec 14, 2021Updated 4 years ago
- Repo hacks☆21Dec 7, 2025Updated 2 months ago
- Dump Teams conversations☆18Jun 9, 2021Updated 4 years ago
- ☆26Aug 11, 2025Updated 6 months ago
- Hunting and injecting RWX 'mockingjay' DLLs in pure nim☆60Dec 11, 2024Updated last year