Alternatives and similar repositories for minegrief

Users that are interested in minegrief are comparing it to the libraries listed below

• zzhsec / NlsCodeInjectionThroughRegistry

  View on GitHub
  Dll injection through code page id modification in registry. Based on jonas lykk research
  ☆17Jun 18, 2022Updated 3 years ago
• chebuya / minegrief

  View on GitHub
  Self-spreading Java malware targeting Minecraft servers. Infected servers are capable of scanning for other vulnerable servers, encryptin…
  ☆17Dec 23, 2024Updated last year
• 0xTriboulet / scepter-rs

  View on GitHub
  A hacky way of getting cross-arch/platform support in Cobalt Strike
  ☆37Aug 31, 2025Updated 5 months ago
• mr-r3bot / bof-modules

  View on GitHub
  BOF for C2 framework
  ☆44Nov 9, 2024Updated last year
• fin3ss3g0d / StoneKeeper

  View on GitHub
  StoneKeeper C2, an experimental EDR evasion framework for research purposes
  ☆208Dec 25, 2024Updated last year
• mannyfred / MentalTi

  View on GitHub
  Mentally ill EtwTi parser
  ☆66Jan 11, 2026Updated last month
• captainGeech42 / implant.js

  View on GitHub
  Proof-of-concept modular implant platform leveraging v8
  ☆54Mar 4, 2025Updated 11 months ago
• Octoberfest7 / Secure_Stager

  View on GitHub
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆194Nov 27, 2024Updated last year
• mrg0ne / kld-rootkit

  View on GitHub
  A collection of FreeBSD rootkit kernel modules and utilities
  ☆13Jun 25, 2025Updated 7 months ago
• eversinc33 / drvtrace

  View on GitHub
  WinDbg plugin to trace module transitions from a debugged driver.
  ☆40Dec 22, 2025Updated last month
• DeDf / ParseNTFS

  View on GitHub
  ☆20Nov 8, 2020Updated 5 years ago
• CodeXTF2 / WebcamBOF

  View on GitHub
  Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options
  ☆156Mar 26, 2025Updated 10 months ago
• dmcxblue / NtCreateUserProcessBOF

  View on GitHub
  An Aggressor Script that utilizes NtCreateUserProcess to run binaries
  ☆30Jan 30, 2025Updated last year
• rad9800 / RansomFS

  View on GitHub
  ☆31Feb 28, 2025Updated 11 months ago
• ZERODETECTION / Havoc_Demon_API_Hashing

  View on GitHub
  Rehashing APIs to prevent hash based detection
  ☆14Jan 7, 2025Updated last year
• EspressoCake / ADIDNS_Parser

  View on GitHub
  Parser and reconciliation tooling for large Active Directory environments.
  ☆33Feb 18, 2025Updated 11 months ago
• LowOrbitSecurity / gubble

  View on GitHub
  gubble is a tool designed to audit Google Workspace group settings. It analyzes settings such as who can join, view membership, post mess…
  ☆81May 27, 2025Updated 8 months ago
• HulkOperator / AuthStager

  View on GitHub
  ☆59Oct 24, 2024Updated last year
• ic3qu33n / REcon2024-GOP-Complex

  View on GitHub
  REcon 2024 Repo, slides for talk "GOP Complex: Image parsing bugs, EBC polymorphic engines and the Deus ex machina of UEFI exploit dev""
  ☆14Mar 31, 2025Updated 10 months ago
• 0xTriboulet / T-70

  View on GitHub
  A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system
  ☆40Oct 30, 2024Updated last year
• voidvxvi / HellBunny

  View on GitHub
  Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
  ☆136Dec 22, 2024Updated last year
• tehstoni / tryharder

  View on GitHub
  C++ Staged Shellcode Loader with Evasion capabilities.
  ☆97Oct 7, 2024Updated last year
• dobin / RedEdr

  View on GitHub
  Collect Windows telemetry for Maldev
  ☆455Jan 30, 2026Updated 2 weeks ago
• 0xflux / Scil

  View on GitHub
  System Call Integrity Layer - experimental security research
  ☆25Jan 31, 2026Updated 2 weeks ago
• Real-Cryillic / Sarla

  View on GitHub
  It's what all the kids are talking about
  ☆12Apr 25, 2023Updated 2 years ago
• jedisct1 / zig-aes-gem

  View on GitHub
  AES-GEM (AES Galois Extended Mode) implementation.
  ☆13Updated this week
• x64dbg / lz4

  View on GitHub
  ☆14Dec 26, 2024Updated last year
• voidvxvi / EnableAllTokenPrivs

  View on GitHub
  Enable or Disable TokenPrivilege(s)
  ☆15May 17, 2024Updated last year
• furax124 / Protect_Loader

  View on GitHub
  A fucking real shellcode loader with a GUI. Work-in-Progress.
  ☆82Jun 25, 2025Updated 7 months ago
• sagiol / Terms-of-What

  View on GitHub
  Terms of Use Conditional Access M365 Evilginx Phishlet
  ☆44Jun 23, 2025Updated 7 months ago
• NoahKirchner / speedloader

  View on GitHub
  Rust template/library for implementing your own COFF loader
  ☆71Jan 27, 2025Updated last year
• Azr43lKn1ght / Rust-ProcHollow

  View on GitHub
  Process Hollowing in Rust with Process Executable Relocation Support for both 32 and 64 bit architecture environments.
  ☆22Jan 6, 2025Updated last year
• joaoviictorti / uwd

  View on GitHub
  Call Stack Spoofing for Rust
  ☆210Jan 28, 2026Updated 2 weeks ago
• p4p1 / havoc-ligolo

  View on GitHub
  A Havoc UI tool to pivot onto a machine using ligolo-ng
  ☆50Jan 23, 2024Updated 2 years ago
• BlackSnufkin / LitterBox

  View on GitHub
  A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Inte…
  ☆1,301Nov 12, 2025Updated 3 months ago
• janoglezcampos / llvm-yx-callobfuscator

  View on GitHub
  LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
  ☆321Jan 17, 2024Updated 2 years ago
• lkarlslund / nifo

  View on GitHub
  Nuke It From Orbit - remove AV/EDR with physical access
  ☆271Dec 8, 2024Updated last year
• 7eRoM / tutorials

  View on GitHub
  ☆17May 7, 2025Updated 9 months ago
• EvilBytecode / Amsi-Patch-Updated-2025

  View on GitHub
  How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.
  ☆25Apr 21, 2025Updated 9 months ago