Alternatives and similar repositories for patchwerk

Users that are interested in patchwerk are comparing it to the libraries listed below

• Octoberfest7 / Secure_Stager
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆188Updated 6 months ago
• CodeXTF2 / WebcamBOF
  Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options
  ☆140Updated 2 months ago
• rasta-mouse / process-inject-kit
  Port of Cobalt Strike's Process Inject Kit
  ☆178Updated 6 months ago
• FalconForceTeam / bof-winrm-client
  ☆112Updated 5 months ago
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆228Updated 6 months ago
• MythicAgents / Xenon
  A Mythic agent for Windows written in C
  ☆125Updated 3 weeks ago
• Meowmycks / koneko
  Robust Cobalt Strike shellcode loader with multiple advanced evasion features
  ☆163Updated 2 months ago
• NtDallas / Svartalfheim
  Stage 0
  ☆161Updated 6 months ago
• iilegacyyii / DataInject-BOF
  Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll
  ☆123Updated 2 months ago
• NtDallas / Draugr
  BOF with Synthetic Stackframe
  ☆150Updated 3 months ago
• MythicAgents / Hannibal
  A Mythic Agent written in PIC C.
  ☆189Updated 4 months ago
• rbmm / SC_DEMO
  ☆116Updated 3 months ago
• itm4n / PPLrevenant
  Bypass LSA protection using the BYODLL technique
  ☆163Updated 9 months ago
• som3canadian / Cloudflare-Redirector
  Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.
  ☆167Updated 3 months ago
• Octoberfest7 / enumhandles_BOF
  ☆125Updated 9 months ago
• Tw1sm / SQL-BOF
  Library of BOFs to interact with SQL servers
  ☆182Updated 2 months ago
• BlackSnufkin / NyxInvoke
  NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…
  ☆218Updated 4 months ago
• andreisss / Ghosting-AMSI
  Ghosting-AMSI
  ☆191Updated last month
• mlcsec / EDRenum-BOF
  Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
  ☆122Updated 8 months ago
• voidvxvt / HellBunny
  Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
  ☆108Updated 6 months ago
• 0xsch1zo / NullGate
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆107Updated last month
• xforcered / ForsHops
  ForsHops
  ☆139Updated 2 months ago
• logangoins / Stifle
  .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS
  ☆147Updated 4 months ago
• paranoidninja / BRC4-BOF-Artillery
  ☆107Updated 3 months ago
• securifybv / BOFRyptor
  ☆125Updated last year
• safedv / RustSoliloquy
  A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …
  ☆166Updated last month
• cpu0x00 / SharpReflectivePEInjection
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆155Updated last year
• Macmod / ldapx
  Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.
  ☆153Updated 6 months ago
• dmcxblue / SharpGhostTask
  A C# port from Invoke-GhostTask
  ☆117Updated last year
• Cipher7 / ApexLdr
  ApexLdr is a DLL Payload Loader written in C
  ☆110Updated 11 months ago