anvilsecure/ulexecve external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

anvilsecure/ulexecve

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/anvilsecure/ulexecve)

Close

anvilsecure / ulexecveView on GitHubMore

• External links
• Readme badge

ulexecve is a userland execve() implementation which helps you execute arbitrary ELF binaries on Linux from userland without the binaries ever having to touch storage. This is useful for red-teaming and anti-forensics purposes.

☆208Jan 3, 2024Updated 2 years ago

Alternatives and similar repositories for ulexecve

Users that are interested in ulexecve are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• trustedsec / ELFLoader

  View on GitHub
  ☆319May 16, 2022Updated 3 years ago
• zimnyaa / grpcssh

  View on GitHub
  A simple reverse ssh/proxy implant PoC for *nix systems.
  ☆57Jul 5, 2024Updated last year
• MrAle98 / BOF-RunPE

  View on GitHub
  ☆57Apr 19, 2023Updated 3 years ago
• wumb0 / rust_bof

  View on GitHub
  Cobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc.
  ☆284Feb 8, 2024Updated 2 years ago
• codewhitesec / Lastenzug

  View on GitHub
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆234Oct 18, 2022Updated 3 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• vyrus001 / ebowla-2

  View on GitHub
  reboot of https://github.com/Genetic-Malware/Ebowla in order to simplify / modernize the codebase and provide ongoing support
  ☆23Sep 15, 2021Updated 4 years ago
• rkbennett / pybof

  View on GitHub
  Python module for running BOFs
  ☆80Nov 28, 2025Updated 5 months ago
• DavidBuchanan314 / stelf-loader

  View on GitHub
  A stealthy ELF loader - no files, no execve, no RWX
  ☆174Dec 31, 2023Updated 2 years ago
• kyleavery / pendulum

  View on GitHub
  Linux Sleep Obfuscation
  ☆115Jan 7, 2024Updated 2 years ago
• NUL0x4C / KnownDllUnhook

  View on GitHub
  Replace the .txt section of the current loaded modules from \KnownDlls\
  ☆306Sep 28, 2022Updated 3 years ago
• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,014Jun 4, 2024Updated last year
• arget13 / DDexec

  View on GitHub
  A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.
  ☆884Mar 21, 2025Updated last year
• sliverarmory / sliver-script

  View on GitHub
  TypeScript/JavaScript client libraries for Sliver
  ☆27Apr 17, 2026Updated 2 weeks ago
• icyguider / MoreImpacketExamples

  View on GitHub
  More examples using the Impacket library designed for learning purposes.
  ☆266Nov 4, 2022Updated 3 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• Octoberfest7 / Inline-Execute-PE

  View on GitHub
  Execute unmanaged Windows executables in CobaltStrike Beacons
  ☆719Mar 4, 2023Updated 3 years ago
• dsnezhkov / elfpack

  View on GitHub
  ☆51Jun 28, 2022Updated 3 years ago
• RistBS / ContextMenuHijack

  View on GitHub
  Execute a payload at each right click on a file/folder in the explorer menu for persistence
  ☆175Mar 15, 2023Updated 3 years ago
• usiegl00 / tamatoa

  View on GitHub
  If you have any questions, please open an issue.
  ☆25Apr 6, 2022Updated 4 years ago
• EvanMcBroom / fuse-loader

  View on GitHub
  Load a dynamic library from memory using a fuse mount
  ☆32Sep 15, 2023Updated 2 years ago
• lesnuages / chrome-dump

  View on GitHub
  Chrome cookie dumper
  ☆18Jan 27, 2021Updated 5 years ago
• med0x2e / vba2clr

  View on GitHub
  Running .NET from VBA
  ☆148Feb 11, 2023Updated 3 years ago
• memN0ps / venom-rs

  View on GitHub
  Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)
  ☆366Mar 2, 2024Updated 2 years ago
• netero1010 / GhostTask

  View on GitHub
  A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
  ☆625Jan 2, 2025Updated last year
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• mandatoryprogrammer / comfortably-run

  View on GitHub
  A CLI tool which can be used to inject JavaScript into arbitrary Chrome origins via the Chrome DevTools Protocol
  ☆46Jan 18, 2021Updated 5 years ago
• OccamsXor / Dragnmove

  View on GitHub
  Infect Shared Files In Memory for Lateral Movement
  ☆191Dec 14, 2022Updated 3 years ago
• daddycocoaman / azbelt

  View on GitHub
  AAD related enumeration in Nim
  ☆131Sep 7, 2023Updated 2 years ago
• outflanknl / seccomp-notify-injection

  View on GitHub
  Linux Process Injection via Seccomp Notifier
  ☆95Dec 9, 2025Updated 4 months ago
• wavestone-cdt / EDRSandblast

  View on GitHub
  ☆1,812Aug 30, 2024Updated last year
• monoxgas / Koppeling

  View on GitHub
  Adaptive DLL hijacking / dynamic export forwarding
  ☆816Jul 6, 2020Updated 5 years ago
• awgh / rawreader

  View on GitHub
  Implements io.ReaderAt over raw memory.
  ☆13Jun 26, 2020Updated 5 years ago
• janoglezcampos / DeathSleep

  View on GitHub
  A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…
  ☆535Aug 1, 2022Updated 3 years ago
• deepinstinct / Dirty-Vanity

  View on GitHub
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆674Dec 23, 2022Updated 3 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• Octoberfest7 / Mutants_Sessions_Self-Deletion

  View on GitHub
  Writeup of Payload Techniques in C involving Mutants, Session 1 -> Session 0 migration, and Self-Deletion of payloads.
  ☆129Apr 24, 2022Updated 4 years ago
• gabriellandau / PPLFault

  View on GitHub
  ☆568Feb 22, 2024Updated 2 years ago
• emperorcow / go-netscan

  View on GitHub
  ☆33Aug 14, 2020Updated 5 years ago
• nnsee / fileless-elf-exec

  View on GitHub
  Execute ELF files without dropping them on disk
  ☆505Jun 28, 2024Updated last year
• MEhrn00 / boflink

  View on GitHub
  Linker for Beacon Object Files
  ☆179Mar 30, 2026Updated last month
• phra / PEzor

  View on GitHub
  Open-Source Shellcode & PE Packer
  ☆2,094Feb 3, 2024Updated 2 years ago
• RiccardoAncarani / LiquidSnake

  View on GitHub
  LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript
  ☆347Sep 1, 2021Updated 4 years ago