Alternatives and similar repositories for Ulfberht:

Users that are interested in Ulfberht are comparing it to the libraries listed below

• CICADA8-Research / TypeLibWalker
  TypeLib persistence technique
  ☆79Updated last month
• klezVirus / RpcProxyInvoke
  Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar
  ☆119Updated 4 months ago
• Retr0-code / hash-dumper
  Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…
  ☆50Updated 11 months ago
• 0xHossam / HuffLoader
  Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader
  ☆84Updated 9 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆56Updated 4 months ago
• NtDallas / Fenrir
  stack spoofing
  ☆68Updated 3 weeks ago
• realoriginal / titanldr-ng
  A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge …
  ☆166Updated last year
• itaymigdal / PartyLoader
  Threadless shellcode injection tool
  ☆62Updated 4 months ago
• Octoberfest7 / enumhandles_BOF
  ☆119Updated 3 months ago
• securifybv / BOFRyptor
  ☆118Updated last year
• decoder-it / RelabelAbuse
  ☆60Updated 6 months ago
• passthehashbrowns / BOFMask
  ☆108Updated last year
• ScriptIdiot / sleepmask_PatchlessHook
  Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW
  ☆80Updated last year
• deh00ni / NtDumpBOF
  ☆90Updated 3 months ago
• gatariee / ldrgen
  Template-based generation of shellcode loaders
  ☆68Updated 7 months ago
• SaadAhla / D1rkSleep
  Improved version of EKKO by @5pider that Encrypts only Image Sections
  ☆114Updated last year
• Octoberfest7 / Enumprotections_BOF
  A BOF to enumerate system process, their protection levels, and more.
  ☆105Updated 2 weeks ago
• itm4n / PPLrevenant
  Bypass LSA protection using the BYODLL technique
  ☆152Updated 2 months ago
• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆143Updated 2 weeks ago
• mannyfred / SentinelBruh
  Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution
  ☆40Updated 5 months ago
• ZephrFish / QoL-BOFs
  Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning
  ☆106Updated this week
• cpu0x00 / SharpReflectivePEInjection
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆149Updated 11 months ago
• 0prrr / Malwear-Sweet
  Malware?
  ☆69Updated 2 months ago
• wsummerhill / DictionShellcode
  Encode shellcode into dictionary words for evasion and entropy reduction
  ☆21Updated last month
• Cipher7 / ApexLdr
  ApexLdr is a DLL Payload Loader written in C
  ☆104Updated 5 months ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆82Updated 6 months ago
• lap1nou / CLR_Heap_encryption
  ☆96Updated last year
• silentwarble / Hannibal
  Mythic C2 Agent written in x64 PIC C
  ☆60Updated 2 weeks ago