Alternatives and similar repositories for catdumper

Users that are interested in catdumper are comparing it to the libraries listed below

• ricardojoserf / NativeNtdllRemap
  Remap ntdll.dll using only NTAPI functions with a suspended process
  ☆21Updated 2 months ago
• amroes / FlexSheller
  ☆11Updated 4 months ago
• EvanMcBroom / sleepy
  A lexer and parser for Sleep
  ☆20Updated last month
• casp3r0x0 / CortexRansomBypass
  Cortex EDR Ransomware protection Bypass
  ☆24Updated 4 months ago
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆24Updated 9 months ago
• 0xRedpoll / ludus_cobaltstrike_teamserver
  Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers
  ☆15Updated 3 months ago
• klezVirus / AIDA64DRIVER-EoP
  AIDA64DRIVER Elevation of Privilege Vulnerability
  ☆13Updated 8 months ago
• D4rthMaulCop / DumpKernel-S1
  A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80
  ☆20Updated 2 months ago
• atabetnouhaila / API-hashing
  ☆18Updated 8 months ago
• 0xv1n / proc-suspend
  powershell script i wrote that can suspend an arbitrary process (with limits)
  ☆20Updated 2 years ago
• RATandC2 / FilelessNtdllReflection
  Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…
  ☆15Updated 2 years ago
• rbmm / PfxViewer
  ☆10Updated 5 months ago
• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆17Updated last year
• zimnyaa / stoplooking
  A simple BOF that disables some logging with NtSetInformationProcess
  ☆13Updated last year
• vysecurity / Nemesis-Download-Watcher
  Watches the Downloads folder for any new files and inserts it into Nemesis for analysis.
  ☆14Updated last year
• G0ldenGunSec / DayBird
  Extension functionality for the NightHawk operator client
  ☆27Updated last year
• hackforyourentertainment / Misery
  Misery Loader to bypass modern EDR solutions
  ☆11Updated 6 months ago
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆41Updated 7 months ago
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆32Updated last year
• zimnyaa / smbsocks
  A simple rpc2socks alternative in pure Go.
  ☆28Updated 11 months ago
• paranoidninja / BRC4-Seminar-Stage-I
  These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…
  ☆19Updated last year
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆27Updated last year
• EvilBytecode / PPID-Spoofing
  Parent Process ID Spoofing, coded in CGo.
  ☆22Updated 2 months ago
• KingOfTheNOPs / EnableWebDAVClient-BOF
  Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts
  ☆22Updated last year
• p4p1 / havoc-store
  A simple website to act as a store for havoc modules and extensions
  ☆27Updated 5 months ago
• rbmm / DirectSysCall
  ☆12Updated last year
• FalconForceTeam / bof-winrm-plugin-jump
  ☆27Updated 5 months ago
• TimMisiak / RunWithDll
  A utility that can be used to launch an executable with a DLL injected
  ☆20Updated last year
• KingOfTheNOPs / ChangeWallpaper-BOF
  Cobalt Strike Beacon Object File to to change the user's desktop wallpaper
  ☆14Updated last year
• whokilleddb / funcshenanigans
  A bunch of shenanigans using functions, VEH and more
  ☆24Updated 2 weeks ago