Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
☆106Dec 15, 2022Updated 3 years ago
Alternatives and similar repositories for Mangle
Users that are interested in Mangle are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆24Apr 4, 2023Updated 3 years ago
- A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.☆46Feb 27, 2024Updated 2 years ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆15Apr 4, 2023Updated 3 years ago
- ScareCrow - Payload creation framework designed around EDR bypass.☆369Jul 20, 2023Updated 2 years ago
- HTML smuggling is not an evil, it can be useful☆14Jan 28, 2023Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆133May 12, 2023Updated 2 years ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆66Mar 19, 2024Updated 2 years ago
- A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims …☆102Sep 5, 2024Updated last year
- A BOF that runs unmanaged PEs inline☆695Oct 23, 2024Updated last year
- DLL proxying for lazy people☆203Dec 1, 2025Updated 5 months ago
- ☆155Mar 5, 2026Updated last month
- FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi…☆427Apr 18, 2026Updated 2 weeks ago
- Cobalt Strike BOF for evasive .NET assembly execution☆317Mar 31, 2025Updated last year
- shellcode loader for your evasion needs☆353Apr 30, 2025Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆346Nov 10, 2025Updated 5 months ago
- Retired TrustedSec Capabilities☆248Jan 5, 2026Updated 3 months ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆31Jan 30, 2025Updated last year
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆625Jan 2, 2025Updated last year
- ☆52Mar 30, 2026Updated last month
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆286Apr 17, 2023Updated 3 years ago
- ☆83Nov 1, 2023Updated 2 years ago
- Shellcode loader generator with multiples features☆512Dec 31, 2024Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- .NET assembly loader with patchless AMSI and ETW bypass☆379Apr 19, 2023Updated 3 years ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆79Aug 5, 2024Updated last year
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆592Jan 20, 2026Updated 3 months ago
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆46Sep 25, 2024Updated last year
- ☆57Feb 16, 2025Updated last year
- ☆49Apr 9, 2025Updated last year
- Sleep obfuscation☆274Dec 13, 2024Updated last year
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence☆64Jun 23, 2025Updated 10 months ago
- ☆124Oct 9, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Shellcode Loader Utilizing ETW Events☆66Feb 26, 2025Updated last year
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆25Jul 5, 2023Updated 2 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆687Aug 15, 2025Updated 8 months ago
- Shellcode reflective DLL injection in Rust☆27Dec 26, 2025Updated 4 months ago
- Excel Add In Payload Generator☆14Oct 9, 2023Updated 2 years ago
- Evasive loader to bypass static detection☆60Jan 15, 2024Updated 2 years ago
- Load and execute a common object file format (COFF) in the current process☆31Mar 9, 2024Updated 2 years ago