Alternatives and similar repositories for MagicDot

Users that are interested in MagicDot are comparing it to the libraries listed below

• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated 10 months ago
• joe-desimone / rep-research
  ☆75Updated 10 months ago
• reveng007 / AMSI-patches-learned-till-now
  I have documented all of the AMSI patches that I learned till now
  ☆72Updated 2 months ago
• decoder-it / RelabelAbuse
  ☆61Updated last year
• SafeBreach-Labs / CortexVortex
  ☆78Updated last year
• oldboy21 / JayFinder
  Find DLLs with RWX section
  ☆81Updated last year
• rad9800 / FileRenameJunctionsEDRDisable
  ☆155Updated 6 months ago
• Slowerzs / CryptDecryptMemory
  ☆30Updated 6 months ago
• rasta-mouse / KerbApp
  ☆29Updated last year
• inb1ts / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆39Updated last year
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆74Updated 5 months ago
• CaptainNox / Hypnos
  A more reliable way of resolving syscall numbers in Windows
  ☆49Updated last year
• passthehashbrowns / Being-A-Good-CLR-Host
  ☆62Updated 5 months ago
• xpn / CloudInject
  ☆110Updated 7 months ago
• MaorSabag / Paruns-Fart
  Just another ntdll unhooking using Parun's Fart technique
  ☆75Updated 2 years ago
• lap1nou / CLR_Heap_encryption
  ☆99Updated last year
• xforcered / Being-A-Good-CLR-Host
  ☆110Updated 5 months ago
• klezVirus / RpcProxyInvoke
  Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar
  ☆130Updated 10 months ago
• MEhrn00 / boflink
  Linker for Beacon Object Files
  ☆116Updated this week
• Octoberfest7 / Enumprotections_BOF
  A BOF to enumerate system process, their protection levels, and more.
  ☆116Updated 6 months ago
• yamakadi / ldr
  A work in progress BOF/COFF loader in Rust
  ☆50Updated 2 years ago
• eversinc33 / Godmode
  Tool for playing with Windows Access Token manipulation.
  ☆55Updated 2 years ago
• susMdT / ForsHops
  ForsHops
  ☆53Updated 2 months ago
• Wh04m1001 / GamingServiceEoP5
  ☆28Updated last year
• dsnezhkov / shutter
  ☆119Updated 4 years ago
• synacktiv / keebcap
  Win32 keylogger that supports all (non-ime using) languages correctly
  ☆50Updated last year
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated last year
• SpikySabra / Kernel-Cactus
  It's pointy and it hurts!
  ☆126Updated 2 years ago
• tccontre / Reg-Restore-Persistence-Mole
  a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…
  ☆51Updated last year
• p0dalirius / FindProcessesWithNamedPipes
  A simple C++ Windows tool to get information about processes exposing named pipes.
  ☆38Updated 3 months ago