Alternatives and similar repositories for NimlineWhispers

Users that are interested in NimlineWhispers are comparing it to the libraries listed below

• outflanknl / InlineWhispers

  View on GitHub
  Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF)
  ☆321Nov 9, 2021Updated 4 years ago
• ajpc500 / NimExamples

  View on GitHub
  A collection of offensive Nim example code
  ☆74Dec 21, 2021Updated 4 years ago
• outflanknl / FindObjects-BOF

  View on GitHub
  A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…
  ☆275May 3, 2023Updated 2 years ago
• NVISOsecurity / DInvisibleRegistry

  View on GitHub
  DInvisibleRegistry
  ☆82Nov 20, 2020Updated 5 years ago
• frkngksl / ParallelNimcalls

  View on GitHub
  Nim version of MDSec's Parallel Syscall PoC
  ☆124Jan 14, 2022Updated 4 years ago
• FalconForceTeam / SysWhispers2BOF

  View on GitHub
  Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs
  ☆127May 24, 2022Updated 3 years ago
• ajpc500 / NimlineWhispers2

  View on GitHub
  A tool for converting SysWhispers2 syscalls for use with Nim projects
  ☆125Dec 22, 2021Updated 4 years ago
• anthemtotheego / CredBandit

  View on GitHub
  Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…
  ☆219Jul 14, 2021Updated 4 years ago
• Sh0ckFR / InlineWhispers2

  View on GitHub
  Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2
  ☆187Jul 21, 2022Updated 3 years ago
• guervild / BOFs

  View on GitHub
  Cobalt Strike Beacon Object Files
  ☆167May 2, 2022Updated 3 years ago
• ajpc500 / BOFs

  View on GitHub
  Collection of Beacon Object Files
  ☆633Nov 1, 2022Updated 3 years ago
• rsmudge / unhook-bof

  View on GitHub
  Remove API hooks from a Beacon process.
  ☆283Sep 18, 2021Updated 4 years ago
• mai1zhi2 / SysWhispers2_x86

  View on GitHub
  X86 version of syswhispers2 / x86 direct system call
  ☆330Jan 28, 2021Updated 5 years ago
• am0nsec / SharpHellsGate

  View on GitHub
  C# Implementation of the Hell's Gate VX Technique
  ☆216Jun 30, 2020Updated 5 years ago
• moloch-- / DarkLoadLibrary

  View on GitHub
  LoadLibrary for offensive operations
  ☆33Dec 14, 2021Updated 4 years ago
• thesnoom / extps-cobalt-strike-bof

  View on GitHub
  Extended Process List (Search functionality)
  ☆29Jan 23, 2021Updated 5 years ago
• rookuu / BOFs

  View on GitHub
  Collection of beacon object files for use with Cobalt Strike to facilitate 🐚.
  ☆185Feb 11, 2021Updated 5 years ago
• jfmaes / SharpHandler

  View on GitHub
  ☆185Jan 5, 2021Updated 5 years ago
• outflanknl / WdToggle

  View on GitHub
  A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.
  ☆220May 3, 2023Updated 2 years ago
• jfmaes / SharpZipRunner

  View on GitHub
  Executes position independent shellcode from an encrypted zip
  ☆304Dec 22, 2020Updated 5 years ago
• EncodeGroup / BOF-RegSave

  View on GitHub
  Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File
  ☆216Oct 8, 2020Updated 5 years ago
• S3cur3Th1sSh1t / NimGetSyscallStub

  View on GitHub
  Get fresh Syscalls from a fresh ntdll.dll copy
  ☆236Jan 28, 2022Updated 4 years ago
• mandiant / OfficePurge

  View on GitHub
  ☆263Apr 10, 2023Updated 2 years ago
• CCob / goreflect

  View on GitHub
  Reflective DLL loading of your favorite Golang program
  ☆173Jan 27, 2020Updated 6 years ago
• Ridter / pyForgeCert

  View on GitHub
  pyForgeCert is a Python equivalent of the ForgeCert.
  ☆69Aug 15, 2023Updated 2 years ago
• nettitude / RunOF

  View on GitHub
  ☆152Jan 6, 2023Updated 3 years ago
• mez-0 / CSharpWinRM

  View on GitHub
  .NET 4.0 WinRM API Command Execution
  ☆166Sep 11, 2020Updated 5 years ago
• boku7 / spawn

  View on GitHub
  Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…
  ☆469Mar 8, 2023Updated 2 years ago
• obscuritylabs / PeFixup

  View on GitHub
  PE File Blessing - To continue or not to continue
  ☆87Nov 23, 2019Updated 6 years ago
• Soledge / BlockEtw

  View on GitHub
  .Net Assembly to block ETW telemetry in current process
  ☆81May 14, 2020Updated 5 years ago
• Yaxser / CobaltStrike-BOF

  View on GitHub
  Collection of beacon BOF written to learn windows and cobaltstrike
  ☆362Feb 24, 2023Updated 2 years ago
• PorLaCola25 / TransactedSharpMiniDump

  View on GitHub
  Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…
  ☆71Nov 14, 2020Updated 5 years ago
• jthuraisamy / SysWhispers2

  View on GitHub
  AV/EDR evasion via direct system calls.
  ☆1,789Sep 3, 2022Updated 3 years ago
• EspressoCake / PPLDump_BOF

  View on GitHub
  A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.
  ☆143Sep 24, 2021Updated 4 years ago
• Accenture / CLRvoyance

  View on GitHub
  Managed assembly shellcode generation
  ☆280Mar 19, 2021Updated 4 years ago
• xforcered / CredBandit

  View on GitHub
  Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…
  ☆244Jul 14, 2021Updated 4 years ago
• cube0x0 / ParallelSyscalls

  View on GitHub
  C# version of MDSec's ParallelSyscalls
  ☆141Jan 9, 2022Updated 4 years ago
• matterpreter / SHAPESHIFTER

  View on GitHub
  Companion PoC for the "Adventures in Dynamic Evasion" blog post
  ☆130May 25, 2021Updated 4 years ago
• outflanknl / TamperETW

  View on GitHub
  PoC to demonstrate how CLR ETW events can be tampered.
  ☆192Mar 26, 2020Updated 5 years ago