Alternatives and similar repositories for awesome-persistence:

Users that are interested in awesome-persistence are comparing it to the libraries listed below

• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆16Updated last year
• Nariod / Tartocitron
  Tartocitron is a repo to have fun with malwares and the Rust language. This repo provides working examples of dropper written in Rust.
  ☆10Updated 2 years ago
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 2 years ago
• attl4s / freeMetsrvLoader
  freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package
  ☆34Updated last year
• MrAle98 / psinline
  in-process powershell runner for BRC4
  ☆44Updated last year
• susMdT / fictional-invention
  idk man this was the default github name
  ☆35Updated last year
• outflanknl / RedELK-workshop
  Items related to the RedELK workshop given at security conferences
  ☆28Updated last year
• Und3rf10w / CobaltStrikeBOFs
  Beacon Object Files used for Cobalt Strike
  ☆17Updated last year
• RixedLabs / IDLE-Abuse
  A method to execute shellcode using RegisterWaitForInputIdle API.
  ☆52Updated last year
• Teach2Breach / Red_Team_Rust
  Collection of Rust repos useful for Red Teamers.
  ☆31Updated 2 years ago
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆30Updated last year
• RATandC2 / FilelessNtdllReflection
  Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…
  ☆15Updated 2 years ago
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆25Updated 11 months ago
• atabetnouhaila / API-hashing
  ☆18Updated 4 months ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆45Updated 2 years ago
• Foolish1337 / kernel-programming
  Progress of learning kernel development
  ☆14Updated 2 years ago
• EvanMcBroom / sleepy
  A lexer and parser for Sleep
  ☆16Updated last month
• susMdT / clr-thing
  rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.
  ☆15Updated last year
• xforcered / DayBird
  Extension functionality for the NightHawk operator client
  ☆26Updated last year
• paranoidninja / BRC4-Seminar-Stage-I
  These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…
  ☆19Updated last year
• lleon1435 / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆14Updated last year
• rbmm / Services
  ☆18Updated last month
• affix / rusty-hollow
  Unix Process hollowing in rust
  ☆20Updated 2 months ago
• EgeBalci / syscall_api
  ☆37Updated last year
• MMitsuha / Tajimari
  the Open Source and Pure C++ Packer for eXecutables
  ☆18Updated last year
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆48Updated 6 months ago
• OtterHacker / Cerbere
  ☆47Updated 2 years ago
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆39Updated 3 months ago
• aaaddress1 / ntkrnlProtectScan
  One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel
  ☆43Updated last year
• ProcessusT / EnumSSN
  Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…
  ☆19Updated last year