Sleep replacement that executes real, varied work to break behavioral pattern matching by EDR and anti-cheat systems
☆34Jun 10, 2026Updated last month
Alternatives and similar repositories for BusyWork
Users that are interested in BusyWork are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- AdaptixC2 default beacon agent extended to support Crystal Palace loaders.☆62May 4, 2026Updated 2 months ago
- Modular User-Defined Reflective Loader (UDRL) built on Crystal Palace for controlled DLL execution and evasion research.☆30Apr 14, 2026Updated 3 months ago
- Evasion kit for Cobalt Strike☆30Jan 16, 2026Updated 5 months ago
- open source implementation of the UDC2 spec used in Cobalt Strike☆54Jul 4, 2026Updated last week
- Repository hosting a hypothetical EDR Spoofer, as discovered originally by Nightmare-Eclipse☆41May 27, 2026Updated last month
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ☆22May 19, 2026Updated last month
- Async BOF to automatically extract or renew Kerberos TGTs on a target system.☆134Updated this week
- NØW is a word-based shellcode encoding and obfuscation tool that transforms raw shellcode bytes into natural-looking English prose.☆68Jun 24, 2026Updated 2 weeks ago
- A POC for developing BOFs for Sliver, Havoc, Cobalt Strike or most COFFLoaders in Rust.☆76Aug 24, 2025Updated 10 months ago
- ☆70Apr 20, 2026Updated 2 months ago
- Clean Indirect Syscalls with Hook Evasion & Return Address Spoofing.☆97Apr 30, 2026Updated 2 months ago
- Rusty Armory - Beacon Object Files (BOFs) in Rust (Codename: Armory)☆69Apr 3, 2026Updated 3 months ago
- Adaptix C2 service plugin that drives LitterBox payload analysis from the operator UI.☆61May 4, 2026Updated 2 months ago
- Windows native ETW inspection suite for browsing providers, reading metadata, consuming live events, recording ETL traces, filtering resu…☆86Jun 27, 2026Updated 2 weeks ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A stealthy and modular Windows loader designed to bypass modern EDR solutions using Module Stomping, Stack Duplication, and Advanced Slee…☆66Updated this week
- WasmForge — compile Go and C# programs to single-binary, WASM-sandboxed native executables with polymorphic output.☆99Jun 24, 2026Updated 2 weeks ago
- A simple research-focused AES-based shellcode loader demonstrating in-memory execution and NTAPI techniques to help understand how custom…☆49Feb 19, 2026Updated 4 months ago
- BOF POC of the DSCourier project / invoking WinGet via COM☆90Apr 23, 2026Updated 2 months ago
- Rusty DoublePulsar - Cobalt Strike User-Defined Reflective Loader (UDRL) in Rust (Codename: DoublePulsar)☆113May 14, 2026Updated 2 months ago
- Adaptix C2 agent using Crystal Palace PIC linker and PICO module system☆98Jun 7, 2026Updated last month
- Crystal Palace Evasion kit for Sliver☆96Jun 13, 2026Updated last month
- This repository contains a collection of scripts I use regularly for offensive security-related tasks.☆16Mar 9, 2026Updated 4 months ago
- InfraGuard is a Command & Control Redirection Proxy and Manager which protects your Red Team Infrastructure against threat attribution☆161Updated this week
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Arbitrary file read exploit for the Windows UPnP Device Host service.☆20Jun 5, 2026Updated last month
- Usermode detector that catches indirect syscalls. Traps Hell's Hall, Tartarus' Gate, RecycledGate, and VEH syscalls & Many more.☆84Jun 15, 2026Updated 3 weeks ago
- Phantom-Evasion-Loader is a standalone, pure x64 Assembly injection engine engineered to minimize the detection surface of modern EDR/XDR…☆108Updated this week
- Activation Context Hijacking Evasion Tool☆293Jun 17, 2026Updated 3 weeks ago
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow☆19Jun 26, 2025Updated last year
- Evasive loader for .NET Framework assemblies☆82May 12, 2026Updated 2 months ago
- A sleepmask based on Ekko that preserves unwind data at sleep time.☆54Mar 30, 2026Updated 3 months ago
- Awesome MalDev Links☆76Jun 21, 2026Updated 3 weeks ago
- Async BOF to capture KeePass master passwords by detecting and keylogging locked database windows.☆46Jun 18, 2026Updated 3 weeks ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A EDR bypassing shellcode loader framework for Windows 10 64bit, featuring ETW/AMSI patching, Tartarus Gate, process protection and more☆57Jun 24, 2026Updated 2 weeks ago
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…☆211Dec 30, 2025Updated 6 months ago
- A compiled language for Windows position-independent x86-64 shellcode and Beacon Object Files.☆170Jun 28, 2026Updated 2 weeks ago
- Beacon Object File for LDAP Queries Through ADWS☆33Jun 12, 2026Updated last month
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆145Apr 6, 2025Updated last year
- A Cobalt Strike BOF implementation of the SilentHarvest registry dumping technique☆182Apr 14, 2026Updated 3 months ago
- Havoc C2 BOF port of the KslD.sys BYOVD technique. Credential extraction from lsass via physical memory — no OpenProcess, no auditable AP…☆142Apr 22, 2026Updated 2 months ago