Alternatives and similar repositories for it-o:

Users that are interested in it-o are comparing it to the libraries listed below

• vyrus001 / ebowla-2
  reboot of https://github.com/Genetic-Malware/Ebowla in order to simplify / modernize the codebase and provide ongoing support
  ☆22Updated 3 years ago
• blinkenl1ghts / donloader
  donLoader is a shellcode loader creation tool that uses donut to convert executable payloads into shellcode to evade detection on disk.
  ☆19Updated 3 years ago
• knavesec / EyeWitnessTheFitness
  Exactly what it sounds like, which is something rad
  ☆22Updated 2 years ago
• audibleblink / getsystem
  Small utility package for manipulating Windows process tokens
  ☆26Updated 2 years ago
• wunderwuzzi23 / gospray
  Active Directory Password Spray Testing Utility in Go
  ☆16Updated last year
• its-a-feature / loginItemManipulator
  ☆15Updated 3 years ago
• ChoiSG / sNanoDumpInject
  NanoDumpInject from https://s3cur3th1ssh1t.github.io/Reflective-Dump-Tools/ , minor edits with a few syscalls
  ☆11Updated 2 years ago
• aj-code / 3gsocks
  3gsocks - a reverse connection socks5 based network pivot
  ☆10Updated 4 years ago
• rvrsh3ll / SharpSSDP
  SSDP Service Discovery
  ☆16Updated 6 years ago
• Meckazin / HidingFromETW
  PoC for detecting and evading ETW detection of .Net Assembly.Load
  ☆20Updated 4 years ago
• xenoscr / compressedCredBandit
  A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.
  ☆18Updated 3 years ago
• 001SPARTaN / SaltedCaramel
  Apfell implant written in C#.
  ☆8Updated 4 years ago
• audibleblink / davil
  leaking net-ntlm with webdav
  ☆24Updated 4 years ago
• cedowens / JXA-Runner
  Swift code to programmatically execute local or hosted JXA payloads from Terminal without using the on-disk osascript binary.
  ☆23Updated 3 years ago
• djhohnstein / HookDetector
  Playing with PE's and Building Structures by Hand
  ☆22Updated 2 years ago
• inzlain / sameuser
  Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual
  ☆13Updated 2 years ago
• zyn3rgy / ecp_slap
  CVE-2020-0688 PoC
  ☆11Updated 4 months ago
• codewhitesec / daphne
  Proof-of-Concept to evade auditd by tampering via ptrace
  ☆17Updated last year
• warhorse / ansible-role-cobaltstrike-docker
  Ansible Cobalt Strike (Docker)
  ☆15Updated 3 years ago
• hyp3rlinx / NtFileSins
  Windows File Enumeration Intel Gathering Tool.
  ☆17Updated last year
• sk3w / beacon-object-files
  Miscellaneous examples for use with Cobalt Strike Beacon
  ☆10Updated 4 years ago
• bhassani / doublepulsar
  DoublePulsar (Position-Independent) Shellcode (Windows 7 SP1 x64)
  ☆27Updated 5 years ago
• 17ms / airborne
  Shellcode reflective DLL injection in Rust
  ☆19Updated last year
• thalpius / Microsoft-Defender-for-Identity-Encrypted-Password
  ☆35Updated 10 months ago
• johneiser / MalleableC2Parser
  A library to parse, modify, and implement Malleable C2 profiles
  ☆21Updated 6 years ago
• melotic / nanostorm
  An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.
  ☆18Updated 3 months ago
• ajpc500 / RelayRumbler
  A proof-of-concept tool that attempts to retrieve the configuration from the memory dump of an F-Secure C3 Relay executable.
  ☆17Updated 3 years ago
• moloch-- / DarkLoadLibrary
  LoadLibrary for offensive operations
  ☆33Updated 3 years ago
• zimnyaa / inmembof.py
  A small example of loading BOFs in Python with pure reflection
  ☆19Updated 2 years ago
• mdsecactivebreach / SharpAltiris
  ☆25Updated 2 years ago