Alternatives and similar repositories for Ulfberht:

Users that are interested in Ulfberht are comparing it to the libraries listed below

• NtDallas / Draugr
  BOF with Synthetic Stackframe
  ☆103Updated this week
• CICADA8-Research / TypeLibWalker
  TypeLib persistence technique
  ☆103Updated 3 months ago
• Octoberfest7 / enumhandles_BOF
  ☆122Updated 4 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆73Updated 5 months ago
• klezVirus / RpcProxyInvoke
  Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar
  ☆125Updated 5 months ago
• xforcered / Being-A-Good-CLR-Host
  ☆87Updated 2 weeks ago
• 0xHossam / HuffLoader
  Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.
  ☆89Updated 10 months ago
• passthehashbrowns / BOFMask
  ☆113Updated last year
• NtDallas / Fenrir
  stack spoofing
  ☆77Updated 2 months ago
• deh00ni / NtDumpBOF
  ☆92Updated 4 months ago
• Octoberfest7 / Enumprotections_BOF
  A BOF to enumerate system process, their protection levels, and more.
  ☆113Updated 2 months ago
• Retr0-code / hash-dumper
  Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…
  ☆56Updated last year
• realoriginal / titanldr-ng
  A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge …
  ☆172Updated last year
• rad9800 / FileRenameJunctionsEDRDisable
  ☆137Updated last month
• decoder-it / RelabelAbuse
  ☆60Updated 8 months ago
• itaymigdal / PartyLoader
  Threadless shellcode injection tool
  ☆64Updated 5 months ago
• Cipher7 / ApexLdr
  ApexLdr is a DLL Payload Loader written in C
  ☆106Updated 6 months ago
• kozmer / aad-bofs
  AzureAD beacon object files
  ☆108Updated last month
• NtDallas / sharp-execute
  Execute dotnet app from unmanaged process
  ☆68Updated last month
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated 11 months ago
• securifybv / BOFRyptor
  ☆120Updated last year
• rasta-mouse / process-inject-kit
  Port of Cobalt Strike's Process Inject Kit
  ☆162Updated last month
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆61Updated 7 months ago
• gatariee / ldrgen
  Template-based generation of shellcode loaders
  ☆72Updated 9 months ago
• Hagrid29 / RemotePatcher
  Patch AMSI and ETW in remote process via direct syscall
  ☆80Updated 2 years ago
• itm4n / PPLrevenant
  Bypass LSA protection using the BYODLL technique
  ☆154Updated 4 months ago
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆206Updated last month
• fin3ss3g0d / IoDllProxyLoad
  DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly
  ☆60Updated 10 months ago
• ZERODETECTION / MSC_Dropper
  ☆137Updated 6 months ago