Alternatives and similar repositories for FilelessNtdllReflection:

Users that are interested in FilelessNtdllReflection are comparing it to the libraries listed below

• Allevon412 / BreadManModuleStomping
  ☆42Updated last year
• florylsk / AmsiBypass123
  ☆13Updated 2 years ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆45Updated 2 years ago
• mgeeky / unhook-bof
  Remove API hooks from a Beacon process.
  ☆13Updated 3 years ago
• susMdT / effective-waffle
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆70Updated last year
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 2 years ago
• caueb / ThreadlessStompingKann
  Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.
  ☆42Updated last year
• b4rth0v5k1 / EarlyBirdNTDLL
  ☆36Updated 2 years ago
• RixedLabs / IDLE-Abuse
  A method to execute shellcode using RegisterWaitForInputIdle API.
  ☆52Updated last year
• hackerhouse-opensource / envschtasksuacbypass
  Bypass UAC elevation on Windows 8 (build 9600) & above.
  ☆54Updated 2 years ago
• NUL0x4C / ManualRsrcDataFetching
  Get your data from the resource section manually, with no need for windows apis
  ☆58Updated 4 months ago
• JetP1ane / Artemis
  Artemis - C++ Hell's Gate Syscall Implementation
  ☆32Updated last year
• SolomonSklash / netntlm
  A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP
  ☆33Updated 3 years ago
• MaorSabag / LoaderInjector
  ☆19Updated 2 years ago
• d4rkiZ / EmbedExeLnk-
  EmbedExeLnk by x86matthew modified by d4rkiZ
  ☆34Updated last year
• NioZow / bof-collection
  ☆19Updated 3 weeks ago
• jsecu / ElevatedEvents
  ☆29Updated 2 years ago
• EricEsquivel / OpsLoader
  A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader
  ☆19Updated 5 months ago
• benheise / TitanLdr
  Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH
  ☆46Updated 3 years ago
• Uri3n / Advanced-TLS-Injection
  Threadless injection via TLS callbacks
  ☆16Updated 3 months ago
• SaadAhla / BlockNonMSModules
  Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules
  ☆41Updated last year
• jsecu / BOF-pack-1
  A care package of useful bofs for red team engagments
  ☆54Updated 3 months ago
• Ap3x / COFF-Loader
  A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader
  ☆43Updated last year
• ProcessusT / UnhookingDLL
  This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…
  ☆67Updated last year
• CodeXTF2 / evasion-adventures-files
  Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"
  ☆26Updated 2 years ago
• fin3ss3g0d / HookFinder
  Simple PoC to locate hooked functions by EDR in ntdll.dll
  ☆36Updated last year
• Mr-Un1k0d3r / BOFCode
  Bunch of BOF files
  ☆30Updated 2 months ago
• zimawhit3 / DynimicGhostWriting
  Windows x64 Process Injection via Ghostwriting with Dynamic Configuration
  ☆28Updated 3 years ago
• snovvcrash / BOFs
  Beacon Object Files (not Buffer Overflows)
  ☆53Updated 2 years ago