Alternatives and similar repositories for hollow_rs

Users that are interested in hollow_rs are comparing it to the libraries listed below

• Teach2Breach / pool_party_rs

  View on GitHub
  remote process injections using pool party techniques
  ☆70Jun 29, 2025Updated 7 months ago
• tijme / nimplant-beacon-position-independent-c-code

  View on GitHub
  A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.
  ☆66Feb 11, 2025Updated last year
• boku7 / patchwerk

  View on GitHub
  BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)
  ☆195Feb 6, 2025Updated last year
• NoahKirchner / speedloader

  View on GitHub
  Rust template/library for implementing your own COFF loader
  ☆71Jan 27, 2025Updated last year
• redr0nin / CVE-2024-38143

  View on GitHub
  Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability
  ☆24Feb 5, 2025Updated last year
• sagiol / Terms-of-What

  View on GitHub
  Terms of Use Conditional Access M365 Evilginx Phishlet
  ☆44Jun 23, 2025Updated 7 months ago
• JayGLXR / RustyMirage

  View on GitHub
  A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
  ☆38Mar 6, 2025Updated 11 months ago
• winsecurity / AMSI-Bypass-HWBP

  View on GitHub
  ☆26Aug 11, 2025Updated 6 months ago
• Teach2Breach / early_cascade_inj_rs

  View on GitHub
  early cascade injection PoC based on Outflanks blog post, in rust
  ☆62Nov 8, 2024Updated last year
• safedv / RustVEHSyscalls

  View on GitHub
  A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.
  ☆161Oct 31, 2024Updated last year
• BlackSnufkin / NyxInvoke

  View on GitHub
  NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…
  ☆231Feb 12, 2025Updated last year
• Octoberfest7 / Secure_Stager

  View on GitHub
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆194Nov 27, 2024Updated last year
• Tylous / Dent

  View on GitHub
  A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.
  ☆15Apr 4, 2023Updated 2 years ago
• joaoviictorti / coffeeldr

  View on GitHub
  A COFF Loader written in Rust
  ☆135Dec 1, 2025Updated 2 months ago
• casp3r0x0 / CortexRansomBypass

  View on GitHub
  Cortex EDR Ransomware protection Bypass
  ☆26Feb 8, 2025Updated last year
• NtDallas / Draugr

  View on GitHub
  BOF with Synthetic Stackframe
  ☆220Oct 30, 2025Updated 3 months ago
• HulkOperator / AuthStager

  View on GitHub
  ☆59Oct 24, 2024Updated last year
• Whitecat18 / earlycascade-injection

  View on GitHub
  Early cascade injection PoC based on Outflanks blog post written in Rust
  ☆67Dec 26, 2025Updated last month
• NtDallas / OdinLdr

  View on GitHub
  Cobaltstrike Reflective Loader with Synthetic Stackframe
  ☆183Jan 17, 2026Updated 3 weeks ago
• djackreuter / rustlualoader

  View on GitHub
  Shellcode loader that executes embedded Lua from Rust.
  ☆127Dec 16, 2024Updated last year
• 0xbad53c / OffSecOps-Arsenal

  View on GitHub
  Aggressor script to automatically download and load an arsenal of open source and private Cobalt Strike tooling.
  ☆45Aug 16, 2024Updated last year
• hdks-bug / redteam-techniques

  View on GitHub
  Collection of red team techniques.
  ☆66Apr 25, 2025Updated 9 months ago
• CompassSecurity / TokenPhisher

  View on GitHub
  ☆26Feb 11, 2025Updated last year
• Teach2Breach / snapinject_rs

  View on GitHub
  A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …
  ☆50Jan 25, 2025Updated last year
• tehstoni / RustyKeys

  View on GitHub
  UAC Bypass using CMSTP in Rust
  ☆34Dec 6, 2024Updated last year
• Teach2Breach / phantom_persist_rs

  View on GitHub
  Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence
  ☆63Jun 23, 2025Updated 7 months ago
• ameenalkerdy / ETWShellcodeLoader

  View on GitHub
  Shellcode Loader Utilizing ETW Events
  ☆67Feb 26, 2025Updated 11 months ago
• gsmith257-cyber / better-sliver

  View on GitHub
  Adversary Emulation Framework
  ☆129Jul 1, 2025Updated 7 months ago
• dmcxblue / Claude-C2

  View on GitHub
  Utilizng an MCP Server to communicate with your C2
  ☆86May 15, 2025Updated 9 months ago
• OtterHacker / AWSRoundRobin

  View on GitHub
  ☆41Feb 20, 2025Updated 11 months ago
• joaoviictorti / rustbof

  View on GitHub
  A Rust template for writing Beacon Object Files (BOFs)
  ☆87Updated this week
• smokeme / asar-backdoor

  View on GitHub
  ☆33Mar 19, 2025Updated 10 months ago
• JayGLXR / NomadLoader

  View on GitHub
  An advanced utility for converting Windows Portable Executable (PE) files to position-independent code (PIC) shellcode. It enables execut…
  ☆63Mar 1, 2025Updated 11 months ago
• tijme / relocatable

  View on GitHub
  Boilerplate to develop raw and truly Position Independent Code (PIC).
  ☆116Jan 20, 2025Updated last year
• affix / rusty-hollow

  View on GitHub
  Unix Process hollowing in rust
  ☆22Dec 16, 2024Updated last year
• JJK96 / PIClin

  View on GitHub
  From C, Rust or Zig to binary shellcode compiler based on Mingw gcc. It allows using Win32 APIs and standard libraries without any change…
  ☆53Sep 22, 2025Updated 4 months ago
• JanielDary / ImmoralFiber

  View on GitHub
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆280Sep 18, 2024Updated last year
• 0xTriboulet / Abomination

  View on GitHub
  A synergized Visual Studio and Rust development environment
  ☆19Jan 25, 2025Updated last year
• kleiton0x00 / RtlHijack

  View on GitHub
  Alternative Read and Write primitives using Rtl* functions the unintended way.
  ☆78Aug 25, 2025Updated 5 months ago