Alternatives and similar repositories for L1LKiller

Users that are interested in L1LKiller are comparing it to the libraries listed below

• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆50Updated last year
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated last year
• casp3r0x0 / CortexRansomBypass
  Cortex EDR Ransomware protection Bypass
  ☆24Updated 5 months ago
• HulkOperator / AuthStager
  ☆55Updated 8 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆75Updated 11 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆61Updated 11 months ago
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated last year
• ricardojoserf / NativeTokenImpersonate
  Impersonate Tokens using only NTAPI functions
  ☆77Updated 3 months ago
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆103Updated 3 months ago
• Leo4j / ShellGen
  PowerShell script to generate ShellCode in various formats
  ☆41Updated 9 months ago
• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆30Updated last year
• RWXstoned / GimmeShelter
  Situational Awareness script to identify how and where to run implants
  ☆54Updated 7 months ago
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆72Updated 2 months ago
• fin3ss3g0d / NativeThreadpool
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆89Updated last year
• voidvxvt / HellBunny
  Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
  ☆111Updated 6 months ago
• 0xRedpoll / WhatsAppKeyBOF
  A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.
  ☆77Updated 4 months ago
• tehstoni / tryharder
  C++ Staged Shellcode Loader with Evasion capabilities.
  ☆95Updated 9 months ago
• xpn / stego-playground
  ☆35Updated last year
• 0xEr3bus / ShadowForgeC2
  ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.
  ☆47Updated 2 years ago
• MzHmO / DebugAmsi
  DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.
  ☆97Updated last year
• Sh3lldon / HellsVectoredGate
  ☆42Updated 3 weeks ago
• vulnableone / BypassX
  The Swiss army knife of evasion tool that bypasses AMSI, Applocker, and CLM mode simultaneously.
  ☆28Updated last year
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆44Updated 2 months ago
• Retr0-code / hash-dumper
  Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…
  ☆63Updated last year
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆90Updated last year
• Whitecat18 / earlycascade-injection
  Early cascade injection PoC based on Outflanks blog post written in Rust
  ☆54Updated 5 months ago
• nickvourd / Rocabella
  Sniffing files generator
  ☆59Updated 4 months ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆53Updated 5 months ago
• deepinstinct / ShimMe
  ☆143Updated 8 months ago
• brosck / Rebellion
  「⚔️」Ring 0 Rootkit for Linux Kernels x86/x86_64 5.x/6.x
  ☆25Updated 3 months ago