Alternatives and similar repositories for poseidon

Users that are interested in poseidon are comparing it to the libraries listed below

• Kudaes / Split
  Apply a divide and conquer approach to bypass EDRs
  ☆280Updated last year
• MythicAgents / Athena
  ☆201Updated last month
• moloch-- / sliver-py
  A Python gRPC Client Library for Sliver
  ☆69Updated 2 months ago
• bananabr / TimeException
  A tool to find folders excluded from AV real-time scanning using a time oracle
  ☆233Updated last year
• deepinstinct / ContainYourself
  A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.
  ☆314Updated last year
• florylsk / RecycledInjector
  Native Syscalls Shellcode Injector
  ☆266Updated last year
• S3cur3Th1sSh1t / Ruy-Lopez
  ☆305Updated last year
• nettitude / Aladdin
  ☆221Updated last year
• xforcered / BokuLoader
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆331Updated 11 months ago
• codewhitesec / Lastenzug
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆218Updated 2 years ago
• outflanknl / edr-internals
  Tools for analyzing EDR agents
  ☆229Updated last year
• Bw3ll / ShellWasp
  ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Wind…
  ☆165Updated last year
• Kudaes / Bin-Finder
  Detect EDR's exceptions by inspecting processes' loaded modules
  ☆130Updated last year
• gabriellandau / EDRSandblast-GodFault
  EDRSandblast-GodFault
  ☆266Updated last year
• Octoberfest7 / Secure_Stager
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆188Updated 6 months ago
• WKL-Sec / dcomhijack
  Lateral Movement Using DCOM and DLL Hijacking
  ☆292Updated 2 years ago
• trustedsec / specula
  ☆199Updated last week
• itm4n / PPLmedic
  Dump the memory of any PPL with a Userland exploit chain
  ☆334Updated 2 years ago
• HavocFramework / Talon
  (Demo) 3rd party agent for Havoc
  ☆139Updated last year
• tothi / serviceDetector
  Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin pr…
  ☆232Updated last year
• JanielDary / ImmoralFiber
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆265Updated 9 months ago
• Tylous / Freeze
  Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
  ☆116Updated 2 years ago
• N7WEra / BofAllTheThings
  Creating a repository with all public Beacon Object Files (BoFs)
  ☆506Updated last year
• RedTeamOperations / Journey-to-McAfee
  ☆113Updated 3 years ago
• CCob / SylantStrike
  Simple EDR implementation to demonstrate bypass
  ☆173Updated 5 years ago
• wumb0 / rust_bof
  Cobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc.
  ☆264Updated last year
• nettitude / ETWHash
  C# POC to extract NetNTLMv1/v2 hashes from ETW provider
  ☆256Updated 2 years ago
• icyguider / LatLoader
  PoC module to demonstrate automated lateral movement with the Havoc C2 framework.
  ☆303Updated last year
• WKL-Sec / GregsBestFriend
  GregsBestFriend process injection code created from the White Knight Labs Offensive Development course
  ☆193Updated last year
• nettitude / ShellcodeMutator
  ☆248Updated 2 years ago