Alternatives and similar repositories for Anti-Sandbox

Users that are interested in Anti-Sandbox are comparing it to the libraries listed below

• almounah / GoDroplets
  Go Shellcode Loader to be Integrated in Exploration C2
  ☆28Updated 10 months ago
• NUL0x4C / HookingLsassForCredentials
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆61Updated 7 months ago
• safedv / Rustic64Shell
  A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.
  ☆85Updated 7 months ago
• 0xTriboulet / ai-postex
  Proof-of-concept implementation of AI-enabled postex DLLs
  ☆53Updated 3 months ago
• zarkones / BloodfangC2
  Modern PIC implant for Windows (64 & 32 bit)
  ☆105Updated 4 months ago
• Maldev-Academy / HookingLsassForCredentials
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆53Updated 7 months ago
• djackreuter / btexec
  Execute shellcode via Bluetooth device authentication
  ☆40Updated 10 months ago
• Whitecat18 / earlycascade-injection
  Early cascade injection PoC based on Outflanks blog post written in Rust
  ☆59Updated 10 months ago
• zer1t0 / keydump
  Dump Linux keyrings
  ☆23Updated last year
• hwbp / LazyHook
  Evade behavioral analysis by executing malicious code within trusted Microsoft call stacks, patchless hooking library IAT/EAT.
  ☆107Updated last week
• logangoins / BadTakeover-BOF
  Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover
  ☆83Updated 2 months ago
• Leo4j / PPLKiller
  Tool to bypass LSA Protection (aka Protected Process Light)
  ☆62Updated 11 months ago
• zimnyaa / remotechrome
  dump Chrome cookies remotely with atexec and CDP
  ☆67Updated last year
• HulkOperator / AuthStager
  ☆59Updated last year
• entropy-z / Kharon-Agent
  Agent for AdaptixC2 containing lateral movement capabilities ( WMI, SCM, WinRM, DCOM ), bof/dotnet/shellcode in memory executions, postex…
  ☆95Updated last week
• EvilBytecode / Ebyte-AMSI-ProxyInjector
  A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…
  ☆61Updated 7 months ago
• 0xTriboulet / rssh-rs
  ☆54Updated 6 months ago
• 0xedh / DEFCON33-KillChainReloaded
  ☆74Updated 4 months ago
• T1erno / bin2shellcode
  C++ tool and library for converting .bin files to shellcode in multiple output formats.
  ☆34Updated 4 months ago
• Teach2Breach / pool_party_rs
  remote process injections using pool party techniques
  ☆69Updated 5 months ago
• SecTheBit / ZoomBotC2
  ☆56Updated 5 months ago
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆35Updated 2 years ago
• Teach2Breach / phantom_persist_rs
  Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence
  ☆62Updated 5 months ago
• dis0rder0x00 / stillepost
  Using Chromium-based browsers as a proxy for C2 traffic.
  ☆116Updated 2 weeks ago
• Teach2Breach / nt_unhooker
  demo unhooking functions in ntdll
  ☆28Updated 5 months ago
• Teach2Breach / snapinject_rs
  A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …
  ☆50Updated 10 months ago
• 0xTriboulet / scepter-rs
  A hacky way of getting cross-arch/platform support in Cobalt Strike
  ☆38Updated 3 months ago
• racoten / CannonLoader
  Just a nice little shellcode loader using unconventional methods to avoid using signatured APIs
  ☆23Updated 5 months ago
• Maldev-Academy / Alphabetfuscation
  Convert your shellcode into an ASCII string
  ☆125Updated 5 months ago
• Acucarinho / havoc-obfuscator
  Automated script for obfuscating, rebranding and renaming the Havoc C2 Framework to evade AV/EDR and C2 hunters.
  ☆47Updated 4 months ago