Alternatives and similar repositories for L1LKiller:

Users that are interested in L1LKiller are comparing it to the libraries listed below

• brosck / Rebellion
  「⚔️」Ring 0 Rootkit for Linux Kernels x86/x86_64 5.x/6.x
  ☆23Updated last week
• casp3r0x0 / CortexRansomBypass
  Cortex EDR Ransomware protection Bypass
  ☆21Updated 2 months ago
• RWXstoned / GimmeShelter
  Situational Awareness script to identify how and where to run implants
  ☆50Updated 4 months ago
• HulkOperator / AuthStager
  ☆54Updated 5 months ago
• 0xEr3bus / ShadowForgeC2
  ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.
  ☆47Updated last year
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆26Updated last year
• 0xRedpoll / WhatsAppKeyBOF
  A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.
  ☆74Updated last month
• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆28Updated last year
• Helixo32 / GetSystem-LCI
  GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal…
  ☆34Updated 4 months ago
• tehstoni / RustyKeys
  UAC Bypass using CMSTP in Rust
  ☆25Updated 4 months ago
• vulnableone / BypassX
  The Swiss army knife of evasion tool that bypasses AMSI, Applocker, and CLM mode simultaneously.
  ☆27Updated last year
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆74Updated 8 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆59Updated 8 months ago
• Tarakhs / ToyingWithHellsGate
  Brief writeup of post exploitation methodologies.
  ☆18Updated last year
• PShlyundin / TimeSync
  Tool to obtain hash using MS-SNTP for user accounts
  ☆21Updated 2 months ago
• MrAle98 / psinline
  in-process powershell runner for BRC4
  ☆45Updated last year
• OtterHacker / AWSRoundRobin
  ☆37Updated 2 months ago
• voidvxvt / HellBunny
  Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
  ☆103Updated 3 months ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated 10 months ago
• brosck / APIHookingDetector
  「⚙️」Detect which native Windows API's (NtAPI) are being hooked
  ☆38Updated 4 months ago
• Cyxow / CVE-2024-3183-POC
  POC for CVE-2024-3183 (FreeIPA Rosting)
  ☆20Updated 8 months ago
• dmcxblue / PyObscura
  A python script that automates a C2 Profile build
  ☆39Updated 3 weeks ago
• ibaiC / FriendlyFireBOF
  A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.
  ☆28Updated this week
• voidvxvt / EnableAllTokenPrivs
  Enable or Disable TokenPrivilege(s)
  ☆13Updated 11 months ago
• yehia-mamdouh / Lsassx
  Dumping LSASS Evaded Endpoint Security Solutions
  ☆12Updated 2 months ago
• ricardojoserf / NativeTokenImpersonate
  Impersonate Tokens using only NTAPI functions
  ☆61Updated 2 weeks ago
• nickvourd / Rocabella
  Sniffing files generator
  ☆54Updated last month
• Retr0-code / hash-dumper
  Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…
  ☆60Updated last year
• tijme / kong-loader
  Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…
  ☆18Updated 2 weeks ago
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated last year