OsandaMalith/CallbackShellcode external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

OsandaMalith/CallbackShellcode

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/OsandaMalith/CallbackShellcode)

Close

OsandaMalith / CallbackShellcodeView on GitHubMore

• External links
• Readme badge

Executing Shellcode with ReadDirectoryChanges’s Hidden Callback

☆30Oct 13, 2025Updated 4 months ago

Alternatives and similar repositories for CallbackShellcode

Users that are interested in CallbackShellcode are comparing it to the libraries listed below

• JCSteiner / Emperor-Public

  View on GitHub
  Payload Generation Workflow
  ☆40Jul 18, 2025Updated 7 months ago
• ricardojoserf / w11_shadow_copies

  View on GitHub
  Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11
  ☆84Jan 26, 2026Updated last month
• rxOred / process-hollowing

  View on GitHub
  process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread
  ☆31Jan 9, 2022Updated 4 years ago
• glynx / peas

  View on GitHub
  Modified version of PEAS client for offensive operations
  ☆50Nov 1, 2025Updated 3 months ago
• samisecure / LsassDumpReflectiveDll

  View on GitHub
  Dump Lsass Memory Using a Reflective Dll
  ☆14Feb 4, 2022Updated 4 years ago
• OtterHacker / AWSDoor

  View on GitHub
  AWSDoor is a red team automation tool designed to simulate advanced attacker behavior in AWS environments
  ☆30Sep 17, 2025Updated 5 months ago
• ADPunisher / Find-UACAutoElevate

  View on GitHub
  ☆31Aug 13, 2025Updated 6 months ago
• b5null / Invoke-BadSuccessor.ps1

  View on GitHub
  PowerShell Script to automatically abuse the BadSuccessor vulnerability (CVE-2025-53779)
  ☆44Nov 19, 2025Updated 3 months ago
• VirtualAlllocEx / CS-EDR-Enumeration

  View on GitHub
  Cobalt Strike Aggressor Script for identifying security products on Windows hosts — six enumeration methods rated by noise level, from si…
  ☆33Feb 6, 2026Updated 3 weeks ago
• Fatmike-GH / JitDecrypter

  View on GitHub
  A Just-In-Time Decrypter for Windows executables (x86 and x64) that performs real-time, instruction-level decryption of encrypted code se…
  ☆50Nov 3, 2025Updated 3 months ago
• AlteredSecurity / RBCD

  View on GitHub
  Script written in python to perform Resource-Based Constrained Delegation (RBCD) attack by leveraging Impacket toolkit.
  ☆21Jul 6, 2021Updated 4 years ago
• kleiton0x00 / contexter

  View on GitHub
  Contexter - A secondary context path traversal / server-side parameter pollution testing tool written in Python 3
  ☆26Aug 18, 2024Updated last year
• ShigShag / AMSI-Bypass-via-Page-Guard-Exceptions

  View on GitHub
  Shellcode and In-PowerShell solution for patching AMSI via Page Guard Exceptions
  ☆63Nov 15, 2025Updated 3 months ago
• OtterHacker / AWSRedirector

  View on GitHub
  ☆58Feb 16, 2025Updated last year
• S3cur3Th1sSh1t / AI-Coded-scripts

  View on GitHub
  This repo contains useful scripts that AI created for me which I would have been too lazy for
  ☆92Updated this week
• vysecurity / ExfilServer

  View on GitHub
  Client-side Encrypted Upload Server Python Script
  ☆66Jul 10, 2025Updated 7 months ago
• Acucarinho / havoc-obfuscator

  View on GitHub
  Automated script for obfuscating, rebranding and renaming the Havoc C2 Framework to evade AV/EDR and C2 hunters.
  ☆46Aug 13, 2025Updated 6 months ago
• t3hbb / citrixphishlet

  View on GitHub
  Citrix Phishlet
  ☆24Feb 2, 2021Updated 5 years ago
• m8sec / Dispatch

  View on GitHub
  Evasive Payload Delivery Server & C2 Redirector
  ☆112Nov 3, 2025Updated 3 months ago
• Whitecat18 / LazyDLLSideload

  View on GitHub
  Generate DLL proxy/sideload projects. Automatically parses PE export tables and generates ready-to-compile project for red team engagemen…
  ☆80Feb 16, 2026Updated last week
• passthehashbrowns / DInvokeProcessHollowing

  View on GitHub
  ☆31Aug 23, 2020Updated 5 years ago
• SpecterOps / ConfigManBearPig

  View on GitHub
  PowerShell collector for adding SCCM attack paths to BloodHound with OpenGraph
  ☆72Updated this week
• kidtronnix / restless-guest

  View on GitHub
  An offensive toolkit for restless guests #DEFCON33
  ☆53Aug 11, 2025Updated 6 months ago
• jonny-jhnson / JonMon-Lite

  View on GitHub
  ☆48Jun 6, 2025Updated 8 months ago
• OtterHacker / AWSRoundRobin

  View on GitHub
  ☆41Feb 20, 2025Updated last year
• The-Viper-One / Invoke-PassTheCert

  View on GitHub
  Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel
  ☆59Apr 13, 2025Updated 10 months ago
• ZephrFish / DynamicMSBuilder

  View on GitHub
  A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation
  ☆38Dec 7, 2025Updated 2 months ago
• rvrsh3ll / FindIngressEmail

  View on GitHub
  Find Inbound Email Domains
  ☆35Dec 21, 2023Updated 2 years ago
• logangoins / BadTakeover-BOF

  View on GitHub
  Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover
  ☆85Oct 20, 2025Updated 4 months ago
• dmcxblue / WSL-Payloads

  View on GitHub
  A small How-To on creating your own weaponized WSL file
  ☆121Jul 23, 2025Updated 7 months ago
• zllovesuki / t

  View on GitHub
  [DEPRECATED, use specter instead] like ngrok, but ambitious
  ☆36Apr 5, 2022Updated 3 years ago
• danielwolfman / Invoke-WordThief

  View on GitHub
  This script runs multithreading module that connects to a remote TCP server, monitors active (opened) Microsoft Word documents (.doc,.doc…
  ☆33Jul 24, 2020Updated 5 years ago
• Mr-Un1k0d3r / BOFCode

  View on GitHub
  Bunch of BOF files
  ☆39Jun 30, 2025Updated 7 months ago
• MaorSabag / impacket-jump

  View on GitHub
  Remote service-staging tool built on Impacket, designed for BOF-style lateral movement workflows that lets you upload custom service load…
  ☆119Dec 7, 2025Updated 2 months ago
• wireless90 / ProcessInjector.NET

  View on GitHub
  Learning Process Injection and Hollowing techniques
  ☆42Jun 26, 2022Updated 3 years ago
• praetorian-inc / julius

  View on GitHub
  Simple LLM service identification - translate IP:Port to Ollama, vLLM, LiteLLM, or 30+ other AI services in seconds
  ☆16Feb 16, 2026Updated last week
• shantanu561993 / DLL-Sideload

  View on GitHub
  ☆43Jan 2, 2023Updated 3 years ago
• MythicMeta / Pantheon

  View on GitHub
  Community Eventing and Scripting examples
  ☆18Aug 11, 2025Updated 6 months ago
• chr0n1k / Auror-Project

  View on GitHub
  Challenge 1 of The Auror Project - Setup AD Lab automatically
  ☆12Apr 26, 2022Updated 3 years ago