Alternatives and similar repositories for FaceDancer

Users that are interested in FaceDancer are comparing it to the libraries listed below

• V-i-x-x / AMSI-WRITE-RAID-BYPASS
  "AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
  ☆315Updated 4 months ago
• decoder-it / KrbRelayEx
  ☆378Updated 3 months ago
• 0xthirteen / Carseat
  Python implementation of GhostPack's Seatbelt situational awareness tool
  ☆270Updated last year
• BlackSnufkin / GhostDriver
  yet another AV killer tool using BYOVD
  ☆300Updated 2 years ago
• icyguider / LightsOut
  Generate an obfuscated DLL that will disable AMSI & ETW
  ☆329Updated last year
• deepinstinct / DCOMUploadExec
  DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely
  ☆380Updated last year
• cpu0x00 / Ghost
  Evasive shellcode loader
  ☆398Updated last year
• mandiant / msi-search
  ☆290Updated 2 years ago
• floesen / EventLogCrasher
  ☆189Updated 2 years ago
• ZERODETECTION / MSC_Dropper
  ☆244Updated last year
• S1lkys / SharpKiller
  Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8
  ☆351Updated last year
• rasta-mouse / OST-C2-Spec
  Open Source C&C Specification
  ☆278Updated 11 months ago
• cybersectroll / TrollAMSI
  ☆186Updated 7 months ago
• hackerhouse-opensource / Stinger
  CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as A…
  ☆299Updated 2 years ago
• rtecCyberSec / BitlockMove
  Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking
  ☆432Updated 7 months ago
• boku7 / venom
  Venom C2 is a dependency‑free Python3 Command & Control framework for redteam persistence
  ☆417Updated 2 months ago
• rvrsh3ll / Bolthole
  Dig your way out of networks like a Meerkat using SSH tunnels via ClickOnce.
  ☆264Updated 9 months ago
• trickster0 / NamelessC2
  Nameless C2 - A C2 with all its components written in Rust
  ☆282Updated last year
• skelsec / evilrdp
  ☆305Updated 10 months ago
• dobin / avred
  Analyse your malware to surgically obfuscate it
  ☆517Updated last month
• 0xdea / blindsight
  Red teaming tool to dump LSASS memory, bypassing basic countermeasures.
  ☆245Updated 3 months ago
• andreisss / Ghosting-AMSI
  Ghosting-AMSI
  ☆220Updated 9 months ago
• rtecCyberSec / Packer_Development
  Slides & Code snippets for a workshop held @ x33fcon 2024
  ☆282Updated last year
• safedv / RustSoliloquy
  A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …
  ☆191Updated 9 months ago
• MzHmO / LeakedWallpaper
  Leak of any user's NetNTLM hash. Fixed in KB5040434
  ☆259Updated last year
• Maldev-Academy / MaldevAcademyLdr.2
  RunPE implementation with multiple evasive techniques (2)
  ☆268Updated 4 months ago
• safedv / RustPotato
  A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…
  ☆353Updated 9 months ago
• logangoins / Krueger
  Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC
  ☆419Updated 4 months ago
• MzHmO / WhoIsWho
  Amazing whoami alternatives
  ☆141Updated last year
• DarkSpaceSecurity / RunAs-Stealer
  RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging
  ☆203Updated 10 months ago