Slowerzs/PPLSystem

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Slowerzs/PPLSystem)

Slowerzs / PPLSystem

☆206

Alternatives and similar repositories for PPLSystem

Users that are interested in PPLSystem are comparing it to the libraries listed below

Sorting:

Kudaes / Shelter
View on GitHub
ROP-based sleep obfuscation to evade memory scanners
☆379Jun 22, 2025Updated 8 months ago
itm4n / PPLrevenant
View on GitHub
Bypass LSA protection using the BYODLL technique
☆172Sep 21, 2024Updated last year
Ridter / atexec-pro
View on GitHub
Fileless atexec, no more need for port 445
☆406Mar 28, 2024Updated last year
deh00ni / NtDumpBOF
View on GitHub
☆100Sep 1, 2024Updated last year
vxCrypt0r / Voidgate
View on GitHub
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…
☆592Jun 12, 2024Updated last year
BlackSnufkin / NovaLdr
View on GitHub
Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
☆262Jun 29, 2024Updated last year
0xEr3bus / PoolPartyBof
View on GitHub
A beacon object file implementation of PoolParty Process Injection Technique.
☆438Dec 21, 2023Updated 2 years ago
gabriellandau / ItsNotASecurityBoundary
View on GitHub
☆195Jul 29, 2024Updated last year
naksyn / DojoLoader
View on GitHub
Generic PE loader for fast prototyping evasion techniques
☆245Jul 2, 2024Updated last year
VoldeSec / PatchlessCLRLoader
View on GitHub
.NET assembly loader with patchless AMSI and ETW bypass
☆374Apr 19, 2023Updated 2 years ago
JanielDary / ImmoralFiber
View on GitHub
Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
☆283Sep 18, 2024Updated last year
Allevon412 / BreadManModuleStomping
View on GitHub
☆44Oct 16, 2023Updated 2 years ago
OtterHacker / SetProcessInjection
View on GitHub
☆153Oct 2, 2023Updated 2 years ago
icyguider / UAC-BOF-Bonanza
View on GitHub
Collection of UAC Bypass Techniques Weaponized as BOFs
☆611Feb 21, 2024Updated 2 years ago
T3nb3w / ComDotNetExploit
View on GitHub
A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …
☆335Mar 6, 2025Updated last year
CICADA8-Research / COMThanasia
View on GitHub
A set of programs for analyzing common vulnerabilities in COM
☆249Sep 8, 2024Updated last year
Octoberfest7 / enumhandles_BOF
View on GitHub
☆126Sep 1, 2024Updated last year
REDMED-X / InjectKit
View on GitHub
Modified versions of the Cobalt Strike Process Injection Kit
☆106Jan 24, 2024Updated 2 years ago
MalwareTech / EDR-Preloader
View on GitHub
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
☆542Feb 13, 2024Updated 2 years ago
vxCrypt0r / AMSI_VEH
View on GitHub
A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…
☆169May 30, 2024Updated last year
safedv / RustiveDump
View on GitHub
LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and r…
☆385Apr 26, 2025Updated 10 months ago
WKL-Sec / LayeredSyscall
View on GitHub
Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …
☆301Jul 31, 2024Updated last year
ricardojoserf / NativeDump
View on GitHub
Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
☆701May 7, 2025Updated 10 months ago
susMdT / LoudSunRun
View on GitHub
Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven
☆267Oct 16, 2024Updated last year
decoder-it / RelabelAbuse
View on GitHub
☆63May 31, 2024Updated last year
securifybv / BOFRyptor
View on GitHub
☆123Oct 9, 2023Updated 2 years ago
Mr-Un1k0d3r / .NetConfigLoader
View on GitHub
.net config loader
☆349Nov 9, 2023Updated 2 years ago
ioncodes / SilentLoad
View on GitHub
"Service-less" driver loading
☆184Nov 28, 2024Updated last year
Teach2Breach / early_cascade_inj_rs
View on GitHub
early cascade injection PoC based on Outflanks blog post, in rust
☆62Nov 8, 2024Updated last year
ElliotKillick / LdrLockLiberator
View on GitHub
For when DLLMain is the only way
☆424Oct 29, 2024Updated last year
0xEr3bus / RdpStrike
View on GitHub
Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
☆250Jun 11, 2024Updated last year
CognisysGroup / HadesLdr
View on GitHub
Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2
☆293Jul 15, 2023Updated 2 years ago
EvanMcBroom / perfect-loader
View on GitHub
Load a dynamic library from memory by modifying the native Windows loader
☆286Jun 18, 2025Updated 9 months ago
S3cur3Th1sSh1t / Caro-Kann
View on GitHub
Encrypted shellcode Injection to avoid Kernel triggered memory scans
☆407Sep 12, 2023Updated 2 years ago
hakaioffsec / coffee
View on GitHub
A COFF loader made in Rust
☆327Mar 14, 2026Updated last week
joaoviictorti / rustclr
View on GitHub
Host CLR and run .NET binaries using Rust
☆153Dec 23, 2025Updated 2 months ago
klezVirus / RpcProxyInvoke
View on GitHub
Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar
☆137Aug 10, 2024Updated last year
ewby / Mockingjay_BOF
View on GitHub
Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
☆158Nov 7, 2023Updated 2 years ago
Kudaes / Unwinder
View on GitHub
Call stack spoofing for Rust
☆361Feb 7, 2025Updated last year