Alternatives and similar repositories for Hooker

Users that are interested in Hooker are comparing it to the libraries listed below

• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated last year
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated last year
• HullaBrian / COMmander
  .NET tool used to enrich RPC telemetry
  ☆87Updated last month
• ricardojoserf / NativeTokenImpersonate
  Impersonate Tokens using only NTAPI functions
  ☆77Updated 3 months ago
• rad9800 / FileRenameJunctionsEDRDisable
  ☆155Updated 7 months ago
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated 11 months ago
• oldboy21 / JayFinder
  Find DLLs with RWX section
  ☆81Updated 2 years ago
• dmcxblue / Claude-C2
  Utilizng an MCP Server to communicate with your C2
  ☆75Updated 2 months ago
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆103Updated 3 months ago
• naksyn / Embedder
  Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies
  ☆120Updated last year
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆50Updated last year
• silentwarble / PIC-Library
  A collection of position independent coding resources
  ☆79Updated 5 months ago
• 0xsch1zo / NullGate
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆129Updated 3 weeks ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆75Updated 11 months ago
• MythicAgents / Hannibal
  A Mythic Agent written in PIC C.
  ☆190Updated 5 months ago
• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆155Updated 7 months ago
• joe-desimone / rep-research
  ☆76Updated 11 months ago
• xpn / CloudInject
  ☆111Updated 7 months ago
• decoder-it / ChgPass
  ☆132Updated 5 months ago
• deepinstinct / ShimMe
  ☆143Updated 8 months ago
• MaorSabag / Paruns-Fart
  Just another ntdll unhooking using Parun's Fart technique
  ☆75Updated 2 years ago
• xforcered / Being-A-Good-CLR-Host
  ☆110Updated 5 months ago
• synacktiv / DLHell
  Local & remote Windows DLL Proxying
  ☆165Updated last year
• rbmm / SC
  shell code example
  ☆49Updated last month
• MzHmO / DebugAmsi
  DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.
  ☆97Updated last year
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆61Updated 11 months ago
• RWXstoned / LdrShuffle
  Code execution/injection technique using DLL PEB module structure manipulation
  ☆129Updated last month
• eversinc33 / PSXecute
  MIPS VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator.
  ☆115Updated 7 months ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆90Updated last year
• passthehashbrowns / Being-A-Good-CLR-Host
  ☆66Updated 5 months ago