Alternatives and similar repositories for Bentico:

Users that are interested in Bentico are comparing it to the libraries listed below

• TheMalwareGuardian / Awesome-Bootkits-Rootkits-Development
  A curated compilation of extensive resources dedicated to bootkit and rootkit development.
  ☆37Updated 3 weeks ago
• ColeHouston / Sunder
  Windows rootkit designed to work with BYOVD exploits
  ☆175Updated 2 months ago
• ph4nt0mbyt3 / Darkside
  C# AV/EDR Killer using less-known driver (BYOVD)
  ☆174Updated last year
• boku7 / patchwerk
  BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)
  ☆171Updated last month
• TheMalwareGuardian / Abismo
  UEFI Windows Bootkit
  ☆30Updated 9 months ago
• DarkSpaceSecurity / RunAs-Stealer
  RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging
  ☆168Updated 3 weeks ago
• SaadAhla / D1rkInject
  Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…
  ☆177Updated last year
• deepinstinct / ShimMe
  ☆137Updated 5 months ago
• scrt / PowerChell
  A PowerShell console in C/C++ with all the security features disabled
  ☆216Updated 2 weeks ago
• ricardojoserf / NativeBypassCredGuard
  Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
  ☆233Updated 3 months ago
• BlackSnufkin / Invoke-DumpMDEConfig
  PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir…
  ☆144Updated 9 months ago
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆212Updated 3 months ago
• OtterHacker / Hooker
  ☆103Updated 5 months ago
• rad9800 / FileRenameJunctionsEDRDisable
  ☆152Updated 3 months ago
• safedv / RustSoliloquy
  A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …
  ☆159Updated 3 months ago
• 0xNinjaCyclone / EarlyCascade
  A PoC for Early Cascade process injection technique.
  ☆174Updated 2 months ago
• Wh04m1001 / CVE-2024-20656
  ☆137Updated last year
• WKL-Sec / GregsBestFriend
  GregsBestFriend process injection code created from the White Knight Labs Offensive Development course
  ☆184Updated last year
• ghostpepper108 / Evasion
  ☆107Updated last year
• eversinc33 / 1.6-C2
  Using the Counter Strike 1.6 RCON protocol as a C2 Channel.
  ☆75Updated last month
• ZERODETECTION / MSC_Dropper
  ☆148Updated 8 months ago
• BlackShell256 / Null-AMSI
  Null-AMSI is an AMSI and ETW bypass that takes advantage of .NET types (.NET Reflection) to bypassing AV/EDR.
  ☆47Updated 3 weeks ago
• tehstoni / LexiCrypt
  Shellcode encryptor using a substitution cipher with a randomly generated key.
  ☆120Updated 2 months ago
• ViperXSecurity / lib-nosa
  lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
  ☆106Updated 6 months ago
• synacktiv / DLHell
  Local & remote Windows DLL Proxying
  ☆162Updated 9 months ago
• MythicAgents / Hannibal
  A Mythic Agent written in PIC C.
  ☆185Updated last month
• V-i-x-x / kernel-callback-removal
  kernel callback removal (Bypassing EDR Detections)
  ☆142Updated last week
• lsecqt / ThreadlessInject-C-Implementation
  This repository implements Threadless Injection in C
  ☆161Updated last year
• 0xTriboulet / Red_Team_Code_Snippets
  random code snippets, useful for getting started
  ☆118Updated 4 months ago
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆111Updated last year