Alternatives and similar repositories for D3MPSEC

Users that are interested in D3MPSEC are comparing it to the libraries listed below

• EspressoCake / DefenderPathExclusions
  Creation and removal of Defender path exclusions and exceptions in C#.
  ☆33Updated 2 years ago
• wolfcod / lsassdump
  lsassdump via RtlCreateProcessReflection and NanoDump
  ☆84Updated last year
• Orange-Cyberdefense / EDRSnowblast
  This project is an EDRSandblast fork, adding some features and custom pieces of code.
  ☆25Updated 2 years ago
• EricEsquivel / OpsLoader
  A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader
  ☆45Updated last year
• MaorSabag / interactive-execute-shellcode
  A simple PoC of injection shellcode into a remote process and get the output using namepipe
  ☆44Updated 2 years ago
• NUL0x4C / HookingLsassForCredentials
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆61Updated 8 months ago
• HulkOperator / AuthStager
  ☆59Updated last year
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated last year
• CodeXTF2 / evasion-adventures-files
  Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"
  ☆31Updated 3 years ago
• arimaqz / strfile-encryptor
  string/file/shellcode encryptor using AES/XOR
  ☆11Updated 2 years ago
• dmcxblue / NtCreateUserProcessBOF
  An Aggressor Script that utilizes NtCreateUserProcess to run binaries
  ☆30Updated last year
• d4rkiZ / EmbedExeLnk-
  EmbedExeLnk by x86matthew modified by d4rkiZ
  ☆42Updated 2 years ago
• susMdT / AceLdr
  Cobalt Strike UDRL for memory scanner evasion.
  ☆52Updated 2 years ago
• VirtualAlllocEx / DSC_SVC_REMOTE
  This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…
  ☆55Updated 2 years ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆84Updated last year
• itaymigdal / PartyLoader
  Threadless shellcode injection tool
  ☆68Updated last year
• c3r3br4t3 / ShadowRDP
  ☆75Updated 2 years ago
• jsecu / ModTask
  ☆53Updated 4 months ago
• MrAle98 / psinline
  in-process powershell runner for BRC4
  ☆48Updated 2 years ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆64Updated last year
• deh00ni / NtDumpBOF
  ☆100Updated last year
• REDMED-X / InjectKit
  Modified versions of the Cobalt Strike Process Injection Kit
  ☆105Updated 2 years ago
• T1erno / bin2shellcode
  C++ tool and library for converting .bin files to shellcode in multiple output formats.
  ☆33Updated 5 months ago
• ricardojoserf / w11_shadow_copies
  Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11
  ☆80Updated 2 weeks ago
• OffenseTeacher / Steganim
  ☆47Updated 2 years ago
• rasta-mouse / SpawnWith
  ☆109Updated 11 months ago
• decoder-it / DFSCoerce-exe-2
  DFSCoerce exe revisited version with custom authentication
  ☆42Updated 2 years ago
• MaorSabag / Paruns-Fart
  Just another ntdll unhooking using Parun's Fart technique
  ☆76Updated 2 years ago
• cybersectroll / TrollRPC
  ☆50Updated 7 months ago
• reveng007 / AMSI-patches-learned-till-now
  I have documented all of the AMSI patches that I learned till now
  ☆75Updated 3 months ago