Alternatives and similar repositories for freeMetsrvLoader

Users that are interested in freeMetsrvLoader are comparing it to the libraries listed below

• Kharos102 / ReadWriteDriverSample

  View on GitHub
  ☆25Apr 28, 2024Updated last year
• WKL-Sec / StackMask

  View on GitHub
  A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.
  ☆66May 2, 2023Updated 2 years ago
• hlldz / misc

  View on GitHub
  miscellaneous codes
  ☆36Sep 24, 2023Updated 2 years ago
• foxlox / hypobrychium

  View on GitHub
  Duplicate not owned Token from Running Process
  ☆74Jul 21, 2023Updated 2 years ago
• ZeroMemoryEx / Tokenizer

  View on GitHub
  Kernel Mode Driver for Elevating Process Privileges
  ☆134Mar 23, 2023Updated 2 years ago
• g0h4n / REC2

  View on GitHub
  REC2 (Rusty External Command and Control) is client and server tool allowing auditor to execute command from VirusTotal and Mastodon APIs…
  ☆163Feb 22, 2024Updated last year
• tijme / amd-ryzen-master-driver-v17-exploit

  View on GitHub
  Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).
  ☆154Jan 21, 2023Updated 3 years ago
• OtterHacker / Cerbere

  View on GitHub
  ☆49Feb 11, 2023Updated 3 years ago
• NVISOsecurity / Interceptor

  View on GitHub
  Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space
  ☆136Jan 2, 2023Updated 3 years ago
• ab2pentest / MacOSThreatTrack

  View on GitHub
  Bash tool used for proactive detection of malicious activity on macOS systems.
  ☆39Sep 29, 2025Updated 4 months ago
• 0xv1n / Havoc-ProfileGenerator

  View on GitHub
  malleable profile generator GUI for Havoc
  ☆55Apr 28, 2023Updated 2 years ago
• Kudaes / CustomEntryPoint

  View on GitHub
  Select any exported function in a dll as the new dll's entry point.
  ☆82Oct 25, 2024Updated last year
• emdnaia / OdinLdr

  View on GitHub
  Cobaltstrike UDRL with memory evasion
  ☆15May 16, 2024Updated last year
• susMdT / fictional-invention

  View on GitHub
  idk man this was the default github name
  ☆35Apr 23, 2023Updated 2 years ago
• mobdk / WinSpoof

  View on GitHub
  Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code
  ☆24Mar 13, 2023Updated 2 years ago
• florylsk / RecycledInjector

  View on GitHub
  Native Syscalls Shellcode Injector
  ☆267Jul 2, 2023Updated 2 years ago
• axylisdead / TenantHunter

  View on GitHub
  A small script to resolve domains to Azure AD tenants (and OAuth login portals)
  ☆29Jun 26, 2023Updated 2 years ago
• c3r3br4t3 / ShadowRDP

  View on GitHub
  ☆75Feb 4, 2024Updated 2 years ago
• SaadAhla / PSpersist

  View on GitHub
  Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell pro…
  ☆86Aug 2, 2023Updated 2 years ago
• SaadAhla / D1rkSleep

  View on GitHub
  Improved version of EKKO by @5pider that Encrypts only Image Sections
  ☆125Feb 13, 2023Updated 3 years ago
• mlcsec / SharpGraphView

  View on GitHub
  Microsoft Graph API post-exploitation toolkit
  ☆95Jul 13, 2024Updated last year
• reveng007 / AMSI-patches-learned-till-now

  View on GitHub
  I have documented all of the AMSI patches that I learned till now
  ☆75Nov 4, 2025Updated 3 months ago
• ronin-rb / ronin-payloads

  View on GitHub
  A Ruby micro-framework for writing and running exploit payloads
  ☆23Jan 16, 2026Updated 3 weeks ago
• 0xEr3bus / ShadowForgeC2

  View on GitHub
  ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.
  ☆52Jul 15, 2023Updated 2 years ago
• oldboy21 / CGPL

  View on GitHub
  Yet, Another Packer/Loader
  ☆25Feb 26, 2023Updated 2 years ago
• knight0x07 / PoC-Malware-TTPs

  View on GitHub
  PoC-Malware-TTPs
  ☆49Mar 26, 2023Updated 2 years ago
• SaadAhla / D1rkLdr

  View on GitHub
  Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…
  ☆323Aug 2, 2023Updated 2 years ago
• securifybv / BOFRyptor

  View on GitHub
  ☆122Oct 9, 2023Updated 2 years ago
• skelsec / aiowinreg

  View on GitHub
  Registry hive parsing the async way
  ☆25Oct 29, 2025Updated 3 months ago
• 0xv1n / proc-suspend

  View on GitHub
  powershell script i wrote that can suspend an arbitrary process (with limits)
  ☆22Mar 26, 2023Updated 2 years ago
• itaymigdal / RegStrike

  View on GitHub
  RegStrike is a .reg payload generator
  ☆58Sep 19, 2023Updated 2 years ago
• hacktivesec / beginner-kernel-exploitation-setup

  View on GitHub
  ☆16Oct 18, 2024Updated last year
• tccontre / Reg-Restore-Persistence-Mole

  View on GitHub
  a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…
  ☆65Aug 23, 2023Updated 2 years ago
• Hagrid29 / BOF-RemoteRegSave

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer
  ☆17Mar 4, 2023Updated 2 years ago
• Mav3rick33 / ZenLdr

  View on GitHub
  Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature
  ☆101Feb 28, 2023Updated 2 years ago
• S4ntiagoP / freeBokuLoader

  View on GitHub
  A simple BOF that frees UDRLs
  ☆122May 29, 2022Updated 3 years ago
• reveng007 / ReflectiveNtdll

  View on GitHub
  A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…
  ☆181Feb 10, 2023Updated 3 years ago
• SaadAhla / Shellcode-Hide

  View on GitHub
  This repo contains : simple shellcode Loader , Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp…
  ☆438Aug 2, 2023Updated 2 years ago
• kleiton0x00 / RemoteShellcodeExec

  View on GitHub
  Execute shellcode from a remote-hosted bin file using Winhttp.
  ☆241Jun 22, 2023Updated 2 years ago