Alternatives and similar repositories for L1LKiller

Users that are interested in L1LKiller are comparing it to the libraries listed below

• HulkOperator / AuthStager
  ☆55Updated 8 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆73Updated 10 months ago
• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆30Updated last year
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆61Updated 10 months ago
• S12cybersecurity / NinjaInjector
  Classic Process Injection with Memory Evasion Techniques implemantation
  ☆70Updated last year
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated last year
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated last year
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆48Updated last year
• casp3r0x0 / CortexRansomBypass
  Cortex EDR Ransomware protection Bypass
  ☆24Updated 4 months ago
• brosck / Rebellion
  「⚔️」Ring 0 Rootkit for Linux Kernels x86/x86_64 5.x/6.x
  ☆25Updated 2 months ago
• 0xEr3bus / ShadowForgeC2
  ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.
  ☆47Updated last year
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆69Updated last month
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆24Updated 9 months ago
• RWXstoned / GimmeShelter
  Situational Awareness script to identify how and where to run implants
  ☆52Updated 6 months ago
• voidvxvt / HellBunny
  Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
  ☆110Updated 6 months ago
• nickvourd / Rocabella
  Sniffing files generator
  ☆58Updated 4 months ago
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆27Updated last year
• brosck / APIHookingDetector
  「⚙️」Detect which native Windows API's (NtAPI) are being hooked
  ☆38Updated 6 months ago
• 0xRedpoll / WhatsAppKeyBOF
  A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.
  ☆77Updated 3 months ago
• MrAle98 / psinline
  in-process powershell runner for BRC4
  ☆45Updated last year
• cybersectroll / TrollDisappearKey
  ☆44Updated 3 weeks ago
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆58Updated 10 months ago
• SaadAhla / VSCode-Backdoor
  Backdooring VSCode Projects
  ☆63Updated 2 weeks ago
• smokeme / ansible-havoc
  Scripts I use to deploy Havoc on Linode and setup categorization and SSL
  ☆40Updated last year
• Tarakhs / ToyingWithHellsGate
  Brief writeup of post exploitation methodologies.
  ☆18Updated last year
• Whitecat18 / earlycascade-injection
  Early cascade injection PoC based on Outflanks blog post written in Rust
  ☆54Updated 4 months ago
• ricardojoserf / NativeTokenImpersonate
  Impersonate Tokens using only NTAPI functions
  ☆75Updated 2 months ago
• dmcxblue / PyObscura
  A python script that automates a C2 Profile build
  ☆42Updated 2 months ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆90Updated last year
• wolfcod / lsassdump
  lsassdump via RtlCreateProcessReflection and NanoDump
  ☆82Updated 8 months ago