Alternatives and similar repositories for awesome-persistence

Users that are interested in awesome-persistence are comparing it to the libraries listed below

• attl4s / freeMetsrvLoader
  freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package
  ☆33Updated 2 years ago
• eversinc33 / RDPassSpray
  Python3 tool to perform password spraying using RDP
  ☆16Updated 2 years ago
• frkngksl / UnlinkDLL
  DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
  ☆57Updated last year
• nothingspecialforu / EvtPsst
  EvtPsst
  ☆55Updated last year
• MzHmO / PPLDescribe
  Tool for obtaining information about PPL processes
  ☆16Updated last year
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆49Updated 3 years ago
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆36Updated 3 years ago
• Bl4ckM1rror / PEAs
  ☆60Updated last year
• rbmm / Hollowed-Process
  ☆30Updated last month
• susMdT / fictional-invention
  idk man this was the default github name
  ☆35Updated 2 years ago
• Nariod / Tartocitron
  Tartocitron is a repo to have fun with malwares and the Rust language. This repo provides working examples of dropper written in Rust.
  ☆11Updated 3 years ago
• frank2 / blenny
  A payload delivery system which embeds payloads in an executable's icon file!
  ☆74Updated last year
• Foolish1337 / kernel-programming
  Progress of learning kernel development
  ☆14Updated 2 years ago
• vysecurity / OffensiveLAM
  A Large Action Model designed to operate on MacOS or Windows which interacts with common C2 interfaces such as Cobalt Strike, Havoc, or B…
  ☆26Updated last year
• whokilleddb / injection-for-dummies
  A collection of PoCs for different injection techniques on Windows!
  ☆46Updated 2 years ago
• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆19Updated 2 years ago
• VirtualAlllocEx / DSC_SVC_REMOTE
  This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…
  ☆54Updated 2 years ago
• knight0x07 / WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
  Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)
  ☆40Updated 2 years ago
• Kharos102 / interceptor
  Sample Rust Hooking Engine
  ☆36Updated last year
• Offensive-Panda / .NET_PROFILER_DLL_LOADING
  .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…
  ☆44Updated last year
• demon-i386 / binarybinarybinary
  some AV / EDR / analysis studies
  ☆10Updated 2 years ago
• outflanknl / RedELK-workshop
  Items related to the RedELK workshop given at security conferences
  ☆29Updated 2 years ago
• pulpocaminante / PPL-0day
  Demoting PPL anti-malware services to less than a guest user
  ☆62Updated 8 months ago
• rbmm / TL-TASK
  ☆20Updated 3 weeks ago
• lleon1435 / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆14Updated 2 years ago
• dis0rder0x00 / CanYouCTheThief
  A C implementation of the Sektor7 "A Thief" Windows privesc technique.
  ☆67Updated 3 years ago
• 0xv1n / proc-suspend
  powershell script i wrote that can suspend an arbitrary process (with limits)
  ☆22Updated 2 years ago
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated last year
• Cracked5pider / unguard-eat
  havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets
  ☆35Updated last year
• rbmm / Services
  ☆18Updated 9 months ago