Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
☆103Dec 15, 2022Updated 3 years ago
Alternatives and similar repositories for Mangle
Users that are interested in Mangle are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆24Apr 4, 2023Updated 3 years ago
- A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.☆45Feb 27, 2024Updated 2 years ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆15Apr 4, 2023Updated 3 years ago
- ScareCrow - Payload creation framework designed around EDR bypass.☆366Jul 20, 2023Updated 2 years ago
- HTML smuggling is not an evil, it can be useful☆14Jan 28, 2023Updated 3 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆132May 12, 2023Updated 2 years ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆66Mar 19, 2024Updated 2 years ago
- A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims …☆102Sep 5, 2024Updated last year
- A BOF that runs unmanaged PEs inline☆690Oct 23, 2024Updated last year
- DLL proxying for lazy people☆203Dec 1, 2025Updated 4 months ago
- ☆155Mar 5, 2026Updated last month
- FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi…☆408Sep 26, 2024Updated last year
- shellcode loader for your evasion needs☆351Apr 30, 2025Updated 11 months ago
- Cobalt Strike BOF for evasive .NET assembly execution☆312Mar 31, 2025Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- ☆344Nov 10, 2025Updated 5 months ago
- Retired TrustedSec Capabilities☆248Jan 5, 2026Updated 3 months ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆31Jan 30, 2025Updated last year
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆622Jan 2, 2025Updated last year
- ☆52Mar 30, 2026Updated last week
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆281Apr 17, 2023Updated 2 years ago
- ☆83Nov 1, 2023Updated 2 years ago
- Shellcode loader generator with multiples features☆507Dec 31, 2024Updated last year
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- .NET assembly loader with patchless AMSI and ETW bypass☆375Apr 19, 2023Updated 2 years ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆79Aug 5, 2024Updated last year
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆587Jan 20, 2026Updated 2 months ago
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆46Sep 25, 2024Updated last year
- ☆57Feb 16, 2025Updated last year
- ☆49Apr 9, 2025Updated last year
- Sleep obfuscation☆272Dec 13, 2024Updated last year
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence☆63Jun 23, 2025Updated 9 months ago
- ☆124Oct 9, 2023Updated 2 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆25Jul 5, 2023Updated 2 years ago
- Shellcode Loader Utilizing ETW Events☆66Feb 26, 2025Updated last year
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆685Aug 15, 2025Updated 7 months ago
- Shellcode reflective DLL injection in Rust☆27Dec 26, 2025Updated 3 months ago
- Excel Add In Payload Generator☆14Oct 9, 2023Updated 2 years ago
- Evasive loader to bypass static detection☆59Jan 15, 2024Updated 2 years ago
- Load and execute a common object file format (COFF) in the current process☆30Mar 9, 2024Updated 2 years ago