Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
☆105Dec 15, 2022Updated 3 years ago
Alternatives and similar repositories for Mangle
Users that are interested in Mangle are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆24Apr 4, 2023Updated 3 years ago
- A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.☆46Feb 27, 2024Updated 2 years ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆15Apr 4, 2023Updated 3 years ago
- ScareCrow - Payload creation framework designed around EDR bypass.☆373Jul 20, 2023Updated 2 years ago
- HTML smuggling is not an evil, it can be useful☆14Jan 28, 2023Updated 3 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆133May 12, 2023Updated 3 years ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆66Mar 19, 2024Updated 2 years ago
- A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims …☆102Sep 5, 2024Updated last year
- A BOF that runs unmanaged PEs inline☆702Oct 23, 2024Updated last year
- DLL proxying for lazy people☆204May 4, 2026Updated 2 weeks ago
- ☆155Mar 5, 2026Updated 2 months ago
- FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi…☆435Apr 18, 2026Updated last month
- Cobalt Strike BOF for evasive .NET assembly execution☆319Mar 31, 2025Updated last year
- shellcode loader for your evasion needs☆353Apr 30, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆347Nov 10, 2025Updated 6 months ago
- Retired TrustedSec Capabilities☆249Jan 5, 2026Updated 4 months ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆31Jan 30, 2025Updated last year
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆627Jan 2, 2025Updated last year
- ☆52Mar 30, 2026Updated last month
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆289Apr 17, 2023Updated 3 years ago
- ☆83Nov 1, 2023Updated 2 years ago
- Shellcode loader generator with multiples features☆513Dec 31, 2024Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- .NET assembly loader with patchless AMSI and ETW bypass☆381Apr 19, 2023Updated 3 years ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆79Aug 5, 2024Updated last year
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆46Sep 25, 2024Updated last year
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆602Jan 20, 2026Updated 4 months ago
- ☆57Feb 16, 2025Updated last year
- ☆49Apr 9, 2025Updated last year
- Sleep obfuscation☆276Dec 13, 2024Updated last year
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence☆64Jun 23, 2025Updated 10 months ago
- ☆124Oct 9, 2023Updated 2 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Shellcode Loader Utilizing ETW Events☆66Feb 26, 2025Updated last year
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆25Jul 5, 2023Updated 2 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆693Aug 15, 2025Updated 9 months ago
- Excel Add In Payload Generator☆14Oct 9, 2023Updated 2 years ago
- Evasive loader to bypass static detection☆60Jan 15, 2024Updated 2 years ago
- Load and execute a common object file format (COFF) in the current process☆31Mar 9, 2024Updated 2 years ago
- Hide your P/Invoke signatures through other people's signed assemblies☆213Mar 10, 2024Updated 2 years ago