ZephrFish/HelloJackHunter

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ZephrFish/HelloJackHunter)

ZephrFish / HelloJackHunter

Research into WinSxS binaries and finding hijackable paths

☆30

Alternatives and similar repositories for HelloJackHunter

Users that are interested in HelloJackHunter are comparing it to the libraries listed below

Sorting:

LDrakura / CVE-Monitor
View on GitHub
GitHubApi CVE Poc监控工具
☆14Jan 23, 2026Updated 2 months ago
cybersectroll / SharpPersistSD
View on GitHub
☆91May 15, 2024Updated last year
dis0rder0x00 / ParentProcessManipulation-LNK
View on GitHub
Using LNK files and user input simulation to start processes under explorer.exe
☆34Sep 21, 2024Updated last year
nettitude / TokenCert
View on GitHub
TokenCert
☆102Nov 15, 2024Updated last year
jborean93 / AmsiProvider
View on GitHub
Test AMSI Provider implementation in C#
☆43Dec 18, 2024Updated last year
Tylous / Dent
View on GitHub
A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.
☆15Apr 4, 2023Updated 2 years ago
senzee1984 / InflativeLoading
View on GitHub
Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.
☆326Apr 12, 2024Updated last year
y00ga-sec / Trustify
View on GitHub
Attack Active Directory Trusts with a single tool
☆14Jan 15, 2025Updated last year
0xsp-SRD / MDE_Enum
View on GitHub
comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
☆211Jun 10, 2024Updated last year
oriolOrnaque / VBAObfuscator
View on GitHub
VBA Macro obfuscator
☆13Sep 20, 2020Updated 5 years ago
123ojp / GREtunnel-scanner
View on GitHub
This is a GRE PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion
☆95Aug 23, 2025Updated 6 months ago
ZephrFish / DynamicMSBuilder
View on GitHub
A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation
☆38Dec 7, 2025Updated 3 months ago
xrombar / flower
View on GitHub
a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor
☆112Mar 25, 2024Updated last year
Hypnoze57 / SharpHound4Cobalt
View on GitHub
C# Data Collector for BloodHound with CobaltStrike integration (BOF.NET)
☆59Apr 13, 2023Updated 2 years ago
EvanMcBroom / perfect-loader
View on GitHub
Load a dynamic library from memory by modifying the native Windows loader
☆286Jun 18, 2025Updated 9 months ago
thiagomayllart / DarkMelkor
View on GitHub
Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.
☆28Sep 8, 2021Updated 4 years ago
INotGreen / Nopowershell
View on GitHub
Call the CLR interface from memory to load powershell, process-less powershell
☆15Sep 7, 2023Updated 2 years ago
ttstormxx / lineadd
View on GitHub
lineadd 渗透测试字典管理工具, 让字典管理生活轻松一点。Penetration test dictionary management tool, make dictionary management life a little easier.
☆27Aug 19, 2023Updated 2 years ago
NVISOsecurity / codasm
View on GitHub
Payload encoding utility to effectively lower payload entropy.
☆125Apr 15, 2025Updated 11 months ago
waawaa / Hooked-Injector
View on GitHub
Hooked create process injection for meterpreter
☆23Jun 16, 2021Updated 4 years ago
qi4L / Phant0m-go
View on GitHub
kill windows log
☆45Mar 26, 2024Updated last year
Vang3lis / CLFS_POC
View on GitHub
clfs CVE 的一些 POC 收集
☆16Oct 27, 2022Updated 3 years ago
ZeroLP / SecureStringNAOT
View on GitHub
Compile time string encryption with NativeAOT
☆32Nov 12, 2022Updated 3 years ago
dreamkinn / go-ThreadlessInject
View on GitHub
Golang implementation of @CCob's C# ThreadlessInject
☆31May 11, 2024Updated last year
d0ub1ec0d3 / SharpEmailC2
View on GitHub
☆18Nov 23, 2023Updated 2 years ago
0x3rhy / BOF-DCOMPotato-PrintNotify
View on GitHub
Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…
☆13Feb 4, 2024Updated 2 years ago
icyguider / UAC-BOF-Bonanza
View on GitHub
Collection of UAC Bypass Techniques Weaponized as BOFs
☆611Feb 21, 2024Updated 2 years ago
maliciousgroup / RDI-SRDI
View on GitHub
This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".
☆87Apr 11, 2023Updated 2 years ago
X1r0z / go-ntlmssp
View on GitHub
NTLM/Negotiate authentication over HTTP that supports Pass The Hash Mode (PtH)
☆17Sep 13, 2024Updated last year
hasherezade / waiting_thread_hijacking
View on GitHub
Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread
☆264Aug 31, 2025Updated 6 months ago
sv3nbeast / ReadSun2Desk
View on GitHub
读取dump向日葵&Todesk进程的文件获得连接信息
☆17Sep 27, 2024Updated last year
xiaoy-sec / USBShutdown
View on GitHub
反取证程序，类似usbkill
☆11Apr 22, 2023Updated 2 years ago
bryanroma / HollowSVC
View on GitHub
Windows Service with the implementation of the Process hollowing technique to run shellcode
☆14Jul 20, 2023Updated 2 years ago
1y0n / AVKiller
View on GitHub
一种通过进程注入实现强制关闭部分杀软进程的方法（以360安全卫士和360杀毒为例）
☆138Dec 26, 2023Updated 2 years ago
DeEpinGh0st / sRDI-nim
View on GitHub
A nim implementation of sRDI
☆20Oct 18, 2023Updated 2 years ago
ZERODETECTION / MSC_Dropper
View on GitHub
☆254Jul 31, 2024Updated last year
JanielDary / ImmoralFiber
View on GitHub
Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
☆283Sep 18, 2024Updated last year
bhassani / doublepulsar
View on GitHub
DoublePulsar (Position-Independent) Shellcode (Windows 7 SP1 x64)
☆28Mar 11, 2020Updated 6 years ago
rsmudge / unhook-bof
View on GitHub
Remove API hooks from a Beacon process.
☆282Sep 18, 2021Updated 4 years ago