Alternatives and similar repositories for LyinEagle

Users that are interested in LyinEagle are comparing it to the libraries listed below

• codewhitesec / daphne
  Proof-of-Concept to evade auditd by tampering via ptrace
  ☆17Updated last year
• EspressoCake / Needle_Sift_BOF
  Strstr with user-supplied needle and filename as a BOF.
  ☆32Updated 3 years ago
• monoxgas / minibus
  Remote code execution in Power Platform connectors via JSON deserialization
  ☆22Updated 2 years ago
• xenoscr / SharpMailBOF
  A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.
  ☆15Updated 4 years ago
• mdsecactivebreach / SharpAltiris
  ☆25Updated 2 years ago
• gam4er / SneakyRun
  Some stuff for PHD2021
  ☆14Updated last month
• xenoscr / compressedCredBandit
  A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.
  ☆19Updated 4 years ago
• redskal / malrdp-deploy
  Automated (kinda) deployment of MalRDP infrastructure with Terraform & Ansible
  ☆12Updated last year
• malcomvetter / TLAD
  The Totally Legit Authentication Dialog
  ☆12Updated last year
• R-Secure / AMSI-Bypasses
  This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome…
  ☆24Updated 2 years ago
• xenoscr / offsecops-shared-library
  A collection of scripts used to support an OffSecOps pipeline.
  ☆14Updated 4 years ago
• audibleblink / davil
  leaking net-ntlm with webdav
  ☆25Updated 4 years ago
• ChoiSG / sNanoDumpInject
  NanoDumpInject from https://s3cur3th1ssh1t.github.io/Reflective-Dump-Tools/ , minor edits with a few syscalls
  ☆11Updated 3 years ago
• NVISOsecurity / cobalt-strike-notifier
  ☆14Updated 3 years ago
• slemire / bof-adopt
  BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.
  ☆15Updated 2 years ago
• Flangvik / collector
  Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.
  ☆19Updated 3 years ago
• Adepts-Of-0xCC / SnoopyOwl
  ☆48Updated 4 years ago
• samisecure / LsassDumpReflectiveDll
  Dump Lsass Memory Using a Reflective Dll
  ☆14Updated 3 years ago
• boku7 / SCMKit
  Source Code Management Attack Toolkit
  ☆12Updated 2 years ago
• tid4l / SharpCGHunter
  Receive the status of Windows Defender Credential Guard on network hosts.
  ☆27Updated 4 years ago
• vyrus001 / ebowla-2
  reboot of https://github.com/Genetic-Malware/Ebowla in order to simplify / modernize the codebase and provide ongoing support
  ☆22Updated 3 years ago
• EspressoCake / Aggressor_Scripts
  A compilation of Aggressor/Sleep scripts for operational purposes that I've made.
  ☆11Updated 3 years ago
• JCSteiner / SGCC---public
  Command and Control Framework using powershell implants
  ☆29Updated last week
• vysecurity / Nemesis-Download-Watcher
  Watches the Downloads folder for any new files and inserts it into Nemesis for analysis.
  ☆14Updated last year
• sk3w / beacon-object-files
  Miscellaneous examples for use with Cobalt Strike Beacon
  ☆10Updated 4 years ago
• invictus-0x90 / Docker-C3
  Example of running C3 (https://github.com/FSecureLABS/C3) in a Docker container
  ☆27Updated 3 years ago
• D4rthMaulCop / DarthNetLoader
  ☆15Updated last year
• Allevon412 / BreadBear
  A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/
  ☆31Updated last year
• two06 / EvtMute
  Apply a filter to the events being reported by windows event logging
  ☆15Updated 4 years ago
• FatRodzianko / Get-Writable
  Find world writable directories that contain a .exe or .dll file
  ☆12Updated 3 years ago