Alternatives and similar repositories for poseidon:

Users that are interested in poseidon are comparing it to the libraries listed below

• Bw3ll / ShellWasp
  ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Wind…
  ☆165Updated last year
• Kudaes / Split
  Apply a divide and conquer approach to bypass EDRs
  ☆279Updated last year
• MythicAgents / Athena
  ☆194Updated last month
• Octoberfest7 / Secure_Stager
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆182Updated 3 months ago
• thefLink / DeepSleep
  A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
  ☆363Updated 2 years ago
• codewhitesec / Lastenzug
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆216Updated 2 years ago
• HavocFramework / Talon
  (Demo) 3rd party agent for Havoc
  ☆133Updated last year
• wumb0 / rust_bof
  Cobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc.
  ☆260Updated last year
• ly4k / PassTheChallenge
  Recovering NTLM hashes from Credential Guard
  ☆332Updated 2 years ago
• moloch-- / sliver-py
  A Python gRPC Client Library for Sliver
  ☆67Updated 3 months ago
• waldo-irc / YouMayPasser
  You shall pass
  ☆256Updated 2 years ago
• deepinstinct / ContainYourself
  A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.
  ☆308Updated last year
• gabriellandau / EDRSandblast-GodFault
  EDRSandblast-GodFault
  ☆250Updated last year
• rad9800 / misc
  miscellaneous scripts and programs
  ☆235Updated last month
• itm4n / PPLmedic
  Dump the memory of any PPL with a Userland exploit chain
  ☆333Updated 2 years ago
• connormcgarr / tgtdelegation
  tgtdelegation is a Beacon Object File (BOF) to obtain a usable TGT via the "TGT delegation trick"
  ☆172Updated 3 years ago
• CCob / SylantStrike
  Simple EDR implementation to demonstrate bypass
  ☆170Updated 4 years ago
• florylsk / RecycledInjector
  Native Syscalls Shellcode Injector
  ☆264Updated last year
• xforcered / CredBandit
  Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…
  ☆239Updated 3 years ago
• NVISOsecurity / brown-bags
  ☆111Updated last year
• nettitude / Tartarus-TpAllocInject
  ☆181Updated last year
• bananabr / TimeException
  A tool to find folders excluded from AV real-time scanning using a time oracle
  ☆232Updated last year
• thefLink / Hunt-Weird-Syscalls
  ETW based POC to identify direct and indirect syscalls
  ☆180Updated last year
• x42en / sysplant
  Your syscall factory
  ☆120Updated 2 weeks ago
• dobin / antnium
  A C2 framework for initial access in Go
  ☆177Updated 2 years ago
• S3cur3Th1sSh1t / Ruy-Lopez
  ☆299Updated last year
• xforcered / BokuLoader
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆323Updated 8 months ago
• Idov31 / Jormungandr
  Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
  ☆229Updated last year
• OmriBaso / RToolZ
  A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.
  ☆319Updated 2 years ago
• kleiton0x00 / Shelltropy
  A technique of hiding malicious shellcode via Shannon encoding.
  ☆253Updated 2 years ago