Alternatives and similar repositories for PDFTypeSpoofing

Users that are interested in PDFTypeSpoofing are comparing it to the libraries listed below

• S12cybersecurity / NinjaInjector
  Classic Process Injection with Memory Evasion Techniques implemantation
  ☆70Updated last year
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆24Updated 8 months ago
• VirtualAlllocEx / DSC_SVC_REMOTE
  This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…
  ☆51Updated 2 years ago
• florylsk / AmsiBypass123
  ☆13Updated 2 years ago
• dmcxblue / NtCreateUserProcessBOF
  An Aggressor Script that utilizes NtCreateUserProcess to run binaries
  ☆28Updated 4 months ago
• d4rkiZ / EmbedExeLnk-
  EmbedExeLnk by x86matthew modified by d4rkiZ
  ☆41Updated 2 years ago
• EricEsquivel / OpsLoader
  A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader
  ☆37Updated 8 months ago
• MaorSabag / fileSearcher
  A simple BOF (Beacon Object File) to search files in the system
  ☆14Updated last year
• EvilBytecode / Amsi-Patch-Updated-2025
  How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.
  ☆17Updated last month
• RATandC2 / FilelessNtdllReflection
  Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…
  ☆15Updated 2 years ago
• EspressoCake / DefenderPathExclusions
  Creation and removal of Defender path exclusions and exceptions in C#.
  ☆31Updated last year
• b4rth0v5k1 / EarlyBirdNTDLL
  ☆36Updated 2 years ago
• ProcessusT / UnhookingDLL
  This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…
  ☆70Updated last year
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆32Updated last year
• CodeXTF2 / evasion-adventures-files
  Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"
  ☆26Updated 2 years ago
• MaorSabag / interactive-execute-shellcode
  A simple PoC of injection shellcode into a remote process and get the output using namepipe
  ☆42Updated last year
• Octoberfest7 / Cohab_Processes
  A small Aggressor script to help Red Teams identify foreign processes on a host machine
  ☆85Updated 2 years ago
• Orange-Cyberdefense / EDRSnowblast
  This project is an EDRSandblast fork, adding some features and custom pieces of code.
  ☆23Updated last year
• c3r3br4t3 / ShadowRDP
  ☆71Updated last year
• Mav3rick33 / ZenLdr
  Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature
  ☆100Updated 2 years ago
• Yair-Men / Passenger
  ProcExp Driver (Ab)use
  ☆22Updated 2 years ago
• RixedLabs / IDLE-Abuse
  A method to execute shellcode using RegisterWaitForInputIdle API.
  ☆54Updated 2 years ago
• MrAle98 / psinline
  in-process powershell runner for BRC4
  ☆45Updated last year
• atabetnouhaila / API-hashing
  ☆18Updated 7 months ago
• S12cybersecurity / DumpLsass
  C++ Code to perform a MiniDump of lsass.exe
  ☆34Updated last year
• hackerhouse-opensource / cve-2021-34527
  CVE-2021-34527 AddPrinterDriverEx() Privilege Escalation
  ☆20Updated 2 years ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆59Updated 9 months ago
• NioZow / bof-collection
  ☆23Updated 3 months ago
• EspressoCake / ReadRemoteProcessCommandline_BOF
  ☆26Updated last year
• MaorSabag / LoaderInjector
  ☆19Updated 2 years ago