Tylous/Ivy

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Tylous/Ivy)

Tylous / Ivy

Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.

☆24

Alternatives and similar repositories for Ivy

Users that are interested in Ivy are comparing it to the libraries listed below

Sorting:

Tylous / Dent
View on GitHub
A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.
☆15Apr 4, 2023Updated 2 years ago
Tylous / Talon
View on GitHub
A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.
☆46Feb 27, 2024Updated 2 years ago
Tylous / Mangle
View on GitHub
Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
☆104Dec 15, 2022Updated 3 years ago
seriotonctf / kerberos_aes_key
View on GitHub
Generate AES128 and AES256 Kerberos keys from a given username, password, and realm
☆18Sep 18, 2024Updated last year
Cipher7 / havoc-SauronEye
View on GitHub
☆11Dec 8, 2023Updated 2 years ago
jakobfriedl / havoc-NoPowerShell
View on GitHub
Havoc plugin allowing in-memory execution of PowerShell cmdlets
☆13Dec 14, 2023Updated 2 years ago
m7rick / Havoc-DLLHijack
View on GitHub
A tool to assist DLL hijacking via the Havoc GUI
☆12Jan 9, 2024Updated 2 years ago
Tylous / Freeze
View on GitHub
Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
☆131May 12, 2023Updated 2 years ago
Tylous / File-Smuggling
View on GitHub
HTML smuggling is not an evil, it can be useful
☆14Jan 28, 2023Updated 3 years ago
0xflagplz / Xll-Payload-Generator
View on GitHub
Excel Add In Payload Generator
☆14Oct 9, 2023Updated 2 years ago
Tylous / ScareCrow
View on GitHub
ScareCrow - Payload creation framework designed around EDR bypass.
☆361Jul 20, 2023Updated 2 years ago
gerbsec / SmokeyObfuscator
View on GitHub
Rewrite to fit my needs
☆32Jul 20, 2024Updated last year
Octoberfest7 / Backstab_BOF
View on GitHub
Beacon Object File implementation of Yaxser's Backstab
☆15Mar 9, 2022Updated 3 years ago
aress31 / vulcan
View on GitHub
A PowerShell script that simplifies life and therefore... phishing.
☆20Aug 16, 2022Updated 3 years ago
matro7sh / 221b
View on GitHub
Bake shellcode to get malicious.exe
☆27Jul 25, 2023Updated 2 years ago
sliverarmory / armory
View on GitHub
The Official Sliver Armory
☆134Apr 17, 2025Updated 10 months ago
som3canadian / Mythic_NimSyscallPacker_Wrapper
View on GitHub
Mythic C2 wrapper for NimSyscallPacker
☆25Mar 12, 2025Updated 11 months ago
0xv1n / Havoc-ProfileGenerator
View on GitHub
malleable profile generator GUI for Havoc
☆55Apr 28, 2023Updated 2 years ago
p4p1 / havoc-privkit
View on GitHub
a port of privkit bof for havoc
☆23Dec 8, 2023Updated 2 years ago
jakobfriedl / BenevolentLoader
View on GitHub
Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
☆102Jun 16, 2024Updated last year
p4p1 / havoc-ligolo
View on GitHub
A Havoc UI tool to pivot onto a machine using ligolo-ng
☆50Jan 23, 2024Updated 2 years ago
Cracked5pider / kaine-assembly
View on GitHub
a demo module for the kaine agent to execute and inject assembly modules
☆41Aug 28, 2024Updated last year
aress31 / ness6nmap2xlsx
View on GitHub
XLSX parser for nessus and nmap scan results.
☆12Nov 22, 2019Updated 6 years ago
redcode-labs / RedHash
View on GitHub
Medusa combo files, Hashcat rules and dictionaries, JRT rules
☆14Oct 20, 2022Updated 3 years ago
xbz0n / MacroPhantom
View on GitHub
MacroPhantom automates the process of generating XOR+Caesar encrypted shellcode and embedding it into VBA macros for Microsoft Office doc…
☆18Mar 20, 2025Updated 11 months ago
stavrosgns / PDump
View on GitHub
PDump is a project for dumping leaked credentials from DEHASHED
☆17Jan 21, 2024Updated 2 years ago
venomnis / Misanthro.py
View on GitHub
Attacking indiscriminately every header, cookie, GET and POST parameter with blind fury.
☆13Sep 25, 2025Updated 5 months ago
tommelo / lnk2pwn
View on GitHub
Malicious Shortcut(.lnk) Generator
☆86Nov 23, 2018Updated 7 years ago
Mr-xn / CVE-2024-32113
View on GitHub
Apache OFBIZ Path traversal leading to RCE POC[CVE-2024-32113 & CVE-2024-36104]
☆27Jun 3, 2024Updated last year
Offensive-Panda / NT-AUTHORITY-SYSTEM-CONTEXT-RTCORE
View on GitHub
This exploit rebuilds and exploit the CVE-2019-16098 which is in driver Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCo…
☆30Aug 5, 2024Updated last year
a7t0fwa7 / SymProcSleuth
View on GitHub
A pure C version of SymProcAddress
☆30Mar 17, 2024Updated last year
RedSiege / Jigsaw
View on GitHub
Hide shellcode by shuffling bytes into a random array and reconstruct at runtime
☆203Mar 26, 2025Updated 11 months ago
0x4xel / Bat-Potato
View on GitHub
Automating Juicy Potato Local Privilege Escalation CMD exploit for penetration testers.
☆48Dec 13, 2022Updated 3 years ago
matro7sh / matro7sh_loaders
View on GitHub
this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)
☆83Dec 20, 2023Updated 2 years ago
sploutchy / impacket
View on GitHub
Impacket is a collection of Python classes for working with network protocols.
☆31Jun 27, 2024Updated last year
Octoberfest7 / lnk_generator
View on GitHub
Small project to facilitate creation of .lnk payloads
☆80Nov 18, 2022Updated 3 years ago
RedSiege / AutoFunkt
View on GitHub
Python script for automating the creation of serverless cloud redirectors from Cobalt Strike malleable C2 profiles
☆201Jun 25, 2024Updated last year
scriptchildie / goEkko
View on GitHub
Sleep obfuscation in golang based on ekko
☆13Jan 16, 2024Updated 2 years ago
C5Hackr / ARM64_AmsiPatch
View on GitHub
☆21Jan 8, 2026Updated last month