Alternatives and similar repositories for catdumper:

Users that are interested in catdumper are comparing it to the libraries listed below

• Uri3n / Advanced-TLS-Injection
  Threadless injection via TLS callbacks
  ☆16Updated 3 months ago
• RATandC2 / FilelessNtdllReflection
  Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…
  ☆15Updated 2 years ago
• ProcessusT / EnumSSN
  Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…
  ☆19Updated last year
• lem0nSec / ASM_World
  Offensive Assembly code snippets.
  ☆12Updated last year
• EvanMcBroom / sleepy
  A lexer and parser for Sleep
  ☆16Updated last month
• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆16Updated last year
• S12cybersecurity / WindowInjector
  Linux Malware creator to attack Windows System via Reverse Shell with FindWindow Process Code Injection
  ☆14Updated last year
• rbmm / DirectSysCall
  ☆12Updated last year
• paranoidninja / BRC4-Seminar-Stage-I
  These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…
  ☆19Updated last year
• MaorSabag / LoaderInjector
  ☆19Updated 2 years ago
• EvilBytecode / Evilbytecode-Gate
  Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…
  ☆18Updated 3 weeks ago
• VirtualAlllocEx / Create_Thread_Inline_Assembly_x86
  This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly
  ☆18Updated last year
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆25Updated 11 months ago
• D4rthMaulCop / DumpKernel-S1
  A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80
  ☆19Updated last year
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆24Updated 5 months ago
• TimMisiak / RunWithDll
  A utility that can be used to launch an executable with a DLL injected
  ☆18Updated last year
• Allevon412 / BenignHunter
  ☆16Updated 7 months ago
• G0ldenGunSec / DayBird
  Extension functionality for the NightHawk operator client
  ☆26Updated last year
• pwn1sher / RTImplant
  Just another casual shellcode native loader
  ☆24Updated 3 years ago
• atabetnouhaila / API-hashing
  ☆18Updated 4 months ago
• thefLink / Memfiddler
  Executes shellcode from a remote server and aims to evade in-memory scanners
  ☆31Updated 5 years ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆45Updated 2 years ago
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆30Updated last year
• zimnyaa / smbsocks
  A simple rpc2socks alternative in pure Go.
  ☆28Updated 7 months ago
• waawaa / Hooked-Injector
  Hooked create process injection for meterpreter
  ☆23Updated 3 years ago
• MzHmO / PPLDescribe
  Tool for obtaining information about PPL processes
  ☆17Updated last year
• florylsk / AmsiBypass123
  ☆13Updated 2 years ago
• rbmm / Hollowed-Process
  ☆25Updated last week
• Meckazin / HidingFromETW
  PoC for detecting and evading ETW detection of .Net Assembly.Load
  ☆19Updated 4 years ago