Alternatives and similar repositories for shellcodes

Users that are interested in shellcodes are comparing it to the libraries listed below

• OtterHacker / Hooker
  ☆107Updated 7 months ago
• MatheuZSecurity / Imperius
  Make an Linux Kernel rootkit visible again.
  ☆52Updated 3 months ago
• CICADA8-Research / MyMSIAnalyzer
  Analyse MSI files for vulnerabilities
  ☆137Updated 9 months ago
• LambdaMamba / LenaMalwareAnalysis
  Lena's scripts/code/resources for malware analysis
  ☆27Updated last year
• mbanyamer / CVE-2025-30397---Windows-Server-2025-JScript-RCE-Use-After-Free-
  Remote Code Execution via Use-After-Free in JScript.dll (CVE-2025-30397)
  ☆57Updated 3 weeks ago
• ZSECURE / zDocker-cobaltstrike
  Docker container for running CobaltStrike 4.10
  ☆37Updated 9 months ago
• rad9800 / RansomFS
  ☆31Updated 3 months ago
• MatheuZSecurity / ModTracer
  ModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.
  ☆82Updated 3 months ago
• x86byte / Stuxnet-Rootkit
  Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis
  ☆58Updated 9 months ago
• 7eRoM / tutorials
  ☆16Updated last month
• rad9800 / talks
  ☆57Updated 2 months ago
• FuzzySecurity / Magikarp
  ECC Public Key Cryptography
  ☆38Updated last year
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated last year
• Leo4j / ShellGen
  PowerShell script to generate ShellCode in various formats
  ☆42Updated 9 months ago
• MatheuZSecurity / ElfDoor-gcc
  ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.
  ☆113Updated 2 months ago
• rtfmkiesel / loldrivers-client
  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
  ☆82Updated last year
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated 10 months ago
• 0x4141414141 / Malware-Devlopment
  Work in progress experiments with reverse shells, AV bypass and extraction of secrets from memory in C
  ☆39Updated 5 years ago
• ChaitanyaHaritash / IllusiveFog
  Windows Administrator level Implant.
  ☆49Updated 8 months ago
• Dor00tkit / CVE-2024-30090
  CVE-2024-30090 - LPE PoC
  ☆107Updated 8 months ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆53Updated 5 months ago
• synacktiv / keebcap
  Win32 keylogger that supports all (non-ime using) languages correctly
  ☆50Updated last year
• nothingspecialforu / EvtPsst
  EvtPsst
  ☆55Updated last year
• frank2 / blenny
  A payload delivery system which embeds payloads in an executable's icon file!
  ☆74Updated last year
• malsearchs / Static-Reverse-Engineering-SRE
  SRE - Dissecting Malware for Static Analysis & the Complete Command-line Tool
  ☆53Updated 5 months ago
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆50Updated last year
• SafeBreach-Labs / MagicDot
  A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
  ☆100Updated last year
• kn0x0x / CVE-2025-32756-POC
  Proof of Concept for CVE-2025-32756 - A critical stack-based buffer overflow vulnerability affecting multiple Fortinet products.
  ☆76Updated 2 weeks ago
• RWXstoned / GimmeShelter
  Situational Awareness script to identify how and where to run implants
  ☆52Updated 6 months ago
• frkngksl / UnlinkDLL
  DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
  ☆57Updated last year