Alternatives and similar repositories for awesome-persistence

Users that are interested in awesome-persistence are comparing it to the libraries listed below

• Nariod / Tartocitron
  Tartocitron is a repo to have fun with malwares and the Rust language. This repo provides working examples of dropper written in Rust.
  ☆10Updated 3 years ago
• frank2 / blenny
  A payload delivery system which embeds payloads in an executable's icon file!
  ☆74Updated last year
• attl4s / freeMetsrvLoader
  freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package
  ☆33Updated 2 years ago
• MzHmO / PPLDescribe
  Tool for obtaining information about PPL processes
  ☆17Updated last year
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 3 years ago
• rbmm / Hollowed-Process
  ☆30Updated last week
• susMdT / fictional-invention
  idk man this was the default github name
  ☆35Updated 2 years ago
• Bl4ckM1rror / PEAs
  ☆59Updated last year
• nothingspecialforu / EvtPsst
  EvtPsst
  ☆55Updated last year
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆49Updated 3 years ago
• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆18Updated last year
• whokilleddb / injection-for-dummies
  A collection of PoCs for different injection techniques on Windows!
  ☆45Updated 2 years ago
• eversinc33 / RDPassSpray
  Python3 tool to perform password spraying using RDP
  ☆17Updated 2 years ago
• outflanknl / RedELK-workshop
  Items related to the RedELK workshop given at security conferences
  ☆29Updated last year
• knight0x07 / WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
  Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)
  ☆41Updated 2 years ago
• EgeBalci / syscall_api
  ☆37Updated 2 years ago
• rbmm / Services
  ☆18Updated 7 months ago
• Offensive-Panda / .NET_PROFILER_DLL_LOADING
  .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…
  ☆43Updated last year
• MatheuZSecurity / Imperius
  Make an Linux Kernel rootkit visible again.
  ☆55Updated 6 months ago
• ricardojoserf / NativeNtdllRemap
  Remap ntdll.dll using only NTAPI functions with a suspended process
  ☆25Updated 4 months ago
• BlackHat-Ashura / Process_Ghosting
  Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…
  ☆15Updated last year
• pulpocaminante / PPL-0day
  Demoting PPL anti-malware services to less than a guest user
  ☆64Updated 7 months ago
• CyberSecurityUP / ProcessKiller-BYOVD
  BYOVD Technique Example using viragt64 driver
  ☆49Updated last year
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated last year
• frkngksl / UnlinkDLL
  DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
  ☆57Updated last year
• xpn / stego-playground
  ☆36Updated last year
• 7eRoM / tutorials
  ☆16Updated 3 months ago
• rbmm / TL-TASK
  ☆20Updated this week
• hlldz / misc
  miscellaneous codes
  ☆35Updated last year
• matterpreter / cpuid
  A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class
  ☆26Updated last year