Sh3lldon/HellsVectoredGate external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Sh3lldon/HellsVectoredGate

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Sh3lldon/HellsVectoredGate)

Close

Sh3lldon / HellsVectoredGateView on GitHubMore

• External links
• Readme badge

☆54Oct 13, 2025Updated 5 months ago

Alternatives and similar repositories for HellsVectoredGate

Users that are interested in HellsVectoredGate are comparing it to the libraries listed below

• mochabyte0x / TrampoLatte

  View on GitHub
  A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow
  ☆18Jun 26, 2025Updated 8 months ago
• LazyTitan33 / DomainPasswordSpray

  View on GitHub
  DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…
  ☆14Jul 16, 2025Updated 8 months ago
• Maldev-Academy / TrapFlagForSyscalling

  View on GitHub
  Bypass user-land hooks by syscall tampering via the Trap Flag
  ☆139Aug 25, 2025Updated 6 months ago
• EricEsquivel / Inline-EA

  View on GitHub
  Cobalt Strike BOF for evasive .NET assembly execution
  ☆309Mar 31, 2025Updated 11 months ago
• NtDallas / Draugr

  View on GitHub
  BOF with Synthetic Stackframe
  ☆233Oct 30, 2025Updated 4 months ago
• rasta-mouse / LibGate

  View on GitHub
  A Crystal Palace shared library to resolve & perform syscalls
  ☆58Oct 29, 2025Updated 4 months ago
• Meowmycks / koneko

  View on GitHub
  Robust Cobalt Strike shellcode loader with multiple advanced evasion features
  ☆200Apr 21, 2025Updated 11 months ago
• NUL0x4C / HookingLsassForCredentials

  View on GitHub
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆61May 12, 2025Updated 10 months ago
• V-i-x-x / win11-kernel-execution-syscall-hijack

  View on GitHub
  Executing Kernel Routines via Syscall Table Hijack (Kernel Code Execution)
  ☆56Jun 15, 2025Updated 9 months ago
• Maldev-Academy / HookingLsassForCredentials

  View on GitHub
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆54May 12, 2025Updated 10 months ago
• racoten / CannonLoader

  View on GitHub
  Just a nice little shellcode loader using unconventional methods to avoid using signatured APIs
  ☆24Jul 11, 2025Updated 8 months ago
• pard0p / Self-Cleaning-PICO-Loader

  View on GitHub
  Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …
  ☆51Nov 2, 2025Updated 4 months ago
• ChoiSG / SharpPSLoader

  View on GitHub
  Simple .NET loader for loading and executing Powershell payloads
  ☆17Nov 5, 2021Updated 4 years ago
• boku7 / patchwerk

  View on GitHub
  BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)
  ☆195Feb 6, 2025Updated last year
• ameenalkerdy / ETWShellcodeLoader

  View on GitHub
  Shellcode Loader Utilizing ETW Events
  ☆66Feb 26, 2025Updated last year
• casp3r0x0 / PolymorphicSignature

  View on GitHub
  A C#-implemented malware that dynamically modifies its own hash upon each execution to evade detection.
  ☆17Feb 3, 2025Updated last year
• dmcxblue / AzureRedirector

  View on GitHub
  A C# project that builds a Web Application which redirects all HTTPS
  ☆26Feb 11, 2025Updated last year
• jsecu / ModTask

  View on GitHub
  ☆53Sep 23, 2025Updated 5 months ago
• huoji120 / sleep_duck_eye

  View on GitHub
  Stack integrity verification to Detect SleepMask or CallStack Spoofer
  ☆53Jul 13, 2025Updated 8 months ago
• NtDallas / KrakenMask

  View on GitHub
  Sleep obfuscation
  ☆271Dec 13, 2024Updated last year
• Print3M / epic

  View on GitHub
  PIC shellcode (C/C++) development toolkit designed for malware developers.
  ☆121Dec 23, 2025Updated 2 months ago
• zero2504 / Early-Cryo-Bird-Injections

  View on GitHub
  Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects
  ☆139Apr 6, 2025Updated 11 months ago
• NtDallas / BOF_RunPe

  View on GitHub
  BOF to run PE in Cobalt Strike Beacon without console creation
  ☆188Nov 23, 2025Updated 3 months ago
• RWXstoned / GimmeShelter

  View on GitHub
  Situational Awareness script to identify how and where to run implants
  ☆68Dec 6, 2024Updated last year
• HulkOperator / CallStackSpoofer

  View on GitHub
  ☆65Dec 19, 2024Updated last year
• zero2504 / Detoured-DLL-Injection

  View on GitHub
  DLL injection with Microsoft detours
  ☆22Dec 9, 2025Updated 3 months ago
• PhantomSecurityGroup / Crystal-Kit

  View on GitHub
  Evasion kit for Cobalt Strike
  ☆30Jan 16, 2026Updated 2 months ago
• ColeHouston / Sunder

  View on GitHub
  Windows rootkit designed to work with BYOVD exploits
  ☆217Jan 18, 2025Updated last year
• zero2504 / FrostLock-Injection

  View on GitHub
  FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…
  ☆43Apr 6, 2025Updated 11 months ago
• fin3ss3g0d / StoneKeeper

  View on GitHub
  StoneKeeper C2, an experimental EDR evasion framework for research purposes
  ☆209Dec 25, 2024Updated last year
• AlmondOffSec / DCOMRunAs

  View on GitHub
  Lateral movement with DCOM DLL hijacking
  ☆176Jul 4, 2025Updated 8 months ago
• y00ga-sec / Trustify

  View on GitHub
  Attack Active Directory Trusts with a single tool
  ☆14Jan 15, 2025Updated last year
• klezVirus / Moonwalk--

  View on GitHub
  Moonwalk++: Simple POC Combining StackMoonwalking and Memory Encryption
  ☆210Dec 17, 2025Updated 3 months ago
• Octoberfest7 / Secure_Stager

  View on GitHub
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆195Nov 27, 2024Updated last year
• JoasASantos / shellcode-tester-pro

  View on GitHub
  Shellcode Tester Pro is a graphical interface tool for analysis, simulated execution, and reverse engineering of malicious shellcodes.
  ☆47Apr 7, 2025Updated 11 months ago
• joaoviictorti / coffeeldr

  View on GitHub
  A COFF Loader written in Rust
  ☆140Dec 1, 2025Updated 3 months ago
• ZephrFish / QoL-BOFs

  View on GitHub
  Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning
  ☆137Dec 7, 2025Updated 3 months ago
• m7rick / Havoc-DLLHijack

  View on GitHub
  A tool to assist DLL hijacking via the Havoc GUI
  ☆13Jan 9, 2024Updated 2 years ago
• Teach2Breach / nt_unhooker

  View on GitHub
  demo unhooking functions in ntdll
  ☆28Jul 15, 2025Updated 8 months ago