Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
☆104Dec 15, 2022Updated 3 years ago
Alternatives and similar repositories for Mangle
Users that are interested in Mangle are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆24Apr 4, 2023Updated 2 years ago
- A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.☆46Feb 27, 2024Updated 2 years ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆15Apr 4, 2023Updated 2 years ago
- ScareCrow - Payload creation framework designed around EDR bypass.☆365Jul 20, 2023Updated 2 years ago
- HTML smuggling is not an evil, it can be useful☆14Jan 28, 2023Updated 3 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆132May 12, 2023Updated 2 years ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆65Mar 19, 2024Updated 2 years ago
- A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims …☆101Sep 5, 2024Updated last year
- A BOF that runs unmanaged PEs inline☆685Oct 23, 2024Updated last year
- DLL proxying for lazy people☆203Dec 1, 2025Updated 3 months ago
- ☆155Mar 5, 2026Updated 2 weeks ago
- FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi…☆407Sep 26, 2024Updated last year
- shellcode loader for your evasion needs☆350Apr 30, 2025Updated 10 months ago
- Cobalt Strike BOF for evasive .NET assembly execution☆309Mar 31, 2025Updated 11 months ago
- ☆342Nov 10, 2025Updated 4 months ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- Retired TrustedSec Capabilities☆250Jan 5, 2026Updated 2 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆31Jan 30, 2025Updated last year
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆617Jan 2, 2025Updated last year
- ☆53Sep 23, 2025Updated 5 months ago
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆278Apr 17, 2023Updated 2 years ago
- ☆83Nov 1, 2023Updated 2 years ago
- Shellcode loader generator with multiples features☆508Dec 31, 2024Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆374Apr 19, 2023Updated 2 years ago
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆574Jan 20, 2026Updated 2 months ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆79Aug 5, 2024Updated last year
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆45Sep 25, 2024Updated last year
- ☆58Feb 16, 2025Updated last year
- Sleep obfuscation☆271Dec 13, 2024Updated last year
- ☆49Apr 9, 2025Updated 11 months ago
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence☆63Jun 23, 2025Updated 9 months ago
- ☆123Oct 9, 2023Updated 2 years ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Jul 5, 2023Updated 2 years ago
- Shellcode Loader Utilizing ETW Events☆66Feb 26, 2025Updated last year
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆681Aug 15, 2025Updated 7 months ago
- Shellcode reflective DLL injection in Rust☆27Dec 26, 2025Updated 2 months ago
- Excel Add In Payload Generator☆14Oct 9, 2023Updated 2 years ago
- Abusing Azure services over C2☆367Jan 20, 2026Updated 2 months ago
- Evasive loader to bypass static detection☆60Jan 15, 2024Updated 2 years ago