Alternatives and similar repositories for Windows

Users that are interested in Windows are comparing it to the libraries listed below

• h0ru / AMSI-Reaper
  ☆103Updated 8 months ago
• nu11secur1ty / Windows11Exploits
  ☆125Updated last month
• duy-31 / CVE-2024-21413
  Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC
  ☆153Updated last year
• keywa7 / keywa7
  The tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.
  ☆61Updated 8 months ago
• ph4nt0mbyt3 / Darkside
  C# AV/EDR Killer using less-known driver (BYOVD)
  ☆175Updated last year
• PolGs / Persistent-Backdoor
  Ethical Remote Acces Tool Client and Server for W10 and Linux Persist functionality
  ☆50Updated 2 years ago
• MatheuZSecurity / ModTracer
  ModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.
  ☆80Updated 2 months ago
• ghostpepper108 / Evasion
  ☆106Updated 2 years ago
• SaadAhla / DocPlz
  Documents Exfiltration project for fun and educational purposes
  ☆145Updated last year
• 0xTriboulet / Red_Team_Code_Snippets
  random code snippets, useful for getting started
  ☆120Updated 6 months ago
• Primusinterp / PrimusC2
  A C2 framework built for my bachelors thesis
  ☆55Updated 6 months ago
• trevorsaudi / Mshikaki
  A shellcode injection tool showcasing various process injection techniques
  ☆136Updated last year
• Wh04m1001 / CVE-2024-20656
  ☆137Updated last year
• x86byte / Stuxnet-Rootkit
  Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis
  ☆52Updated 8 months ago
• m417z / CVE-2023-36003-POC
  Privilege escalation using the XAML diagnostics API (CVE-2023-36003)
  ☆92Updated last year
• BlackSnufkin / Invoke-DumpMDEConfig
  PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir…
  ☆148Updated 11 months ago
• nocerainfosec / TakeMyRDP2.0
  An updated version of keystroke logger targeting the Remote Desktop Protocol (RDP) related processes, It utilizes a low-level keyboard in…
  ☆104Updated last year
• ZeroMemoryEx / Bypass-Sandbox-Evasion
  Bypass Malware Sandbox Evasion Ram check
  ☆137Updated 2 years ago
• alexdhital / Infiltrax
  Infiltrax is a post-exploitation reconnaissance tool for penetration testers and red teams, designed to capture screenshots, retrieve cli…
  ☆76Updated 8 months ago
• tjnull / pentest-arsenal
  A collection of tools that I use in CTF's or for assessments
  ☆97Updated 3 months ago
• georgesotiriadis / MalwareDev
  ☆85Updated 2 years ago
• ELMERIKH / Keres
  Persistent Powershell backdoor tool {😈}
  ☆119Updated 9 months ago
• ricardojoserf / WhoamiAlternatives
  Different methods to get current username without using whoami
  ☆174Updated last year
• ZeroMemoryEx / CVE-2025-26125
  (0day) Local Privilege Escalation in IObit Malware Fighter
  ☆138Updated last month
• hackerhouse-opensource / Artillery
  CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…
  ☆173Updated last year
• oh-az / NoArgs
  NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…
  ☆151Updated last year
• BlackSnufkin / GhostDriver
  yet another AV killer tool using BYOVD
  ☆270Updated last year
• DarkSpaceSecurity / RunAs-Stealer
  RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging
  ☆187Updated 2 months ago
• chebuya / exploits
  Repo for all my exploits/PoCs
  ☆50Updated last week
• t3l3machus / ACEshark
  ACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminatin…
  ☆110Updated 4 months ago