Alternatives and similar repositories for L1LKiller:

Users that are interested in L1LKiller are comparing it to the libraries listed below

• HulkOperator / AuthStager
  ☆55Updated 6 months ago
• Cyxow / CVE-2024-3183-POC
  POC for CVE-2024-3183 (FreeIPA Rosting)
  ☆20Updated 8 months ago
• RWXstoned / GimmeShelter
  Situational Awareness script to identify how and where to run implants
  ☆49Updated 5 months ago
• brosck / Rebellion
  「⚔️」Ring 0 Rootkit for Linux Kernels x86/x86_64 5.x/6.x
  ☆23Updated last month
• 0xEr3bus / ShadowForgeC2
  ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.
  ☆47Updated last year
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆27Updated last year
• MrAle98 / psinline
  in-process powershell runner for BRC4
  ☆45Updated last year
• 0xAbdullah / Offensive-Snippets
  A repository with my code snippets for research/education purposes.
  ☆50Updated last year
• PShlyundin / TimeSync
  Tool to obtain hash using MS-SNTP for user accounts
  ☆22Updated 3 months ago
• casp3r0x0 / CortexRansomBypass
  Cortex EDR Ransomware protection Bypass
  ☆21Updated 3 months ago
• Tarakhs / ToyingWithHellsGate
  Brief writeup of post exploitation methodologies.
  ☆18Updated last year
• OtterHacker / AWSRoundRobin
  ☆37Updated 2 months ago
• ZSECURE / zDocker-cobaltstrike
  Docker container for running CobaltStrike 4.10
  ☆37Updated 7 months ago
• Offensive-Panda / .NET_PROFILER_DLL_LOADING
  .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…
  ☆41Updated 9 months ago
• brosck / APIHookingDetector
  「⚙️」Detect which native Windows API's (NtAPI) are being hooked
  ☆38Updated 5 months ago
• Leo4j / ShellGen
  PowerShell script to generate ShellCode in various formats
  ☆41Updated 7 months ago
• 0xRedpoll / WhatsAppKeyBOF
  A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.
  ☆75Updated 2 months ago
• MatheuZSecurity / Imperius
  Make an Linux Kernel rootkit visible again.
  ☆51Updated 2 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆59Updated 9 months ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated 10 months ago
• Helixo32 / GetSystem-LCI
  GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal…
  ☆34Updated 5 months ago
• winsecurity / AMSI-Bypass-HWBP
  ☆22Updated 2 months ago
• yehia-mamdouh / Lsassx
  Dumping LSASS Evaded Endpoint Security Solutions
  ☆12Updated 2 months ago
• ricardojoserf / NativeTokenImpersonate
  Impersonate Tokens using only NTAPI functions
  ☆71Updated last month
• voidvxvt / EnableAllTokenPrivs
  Enable or Disable TokenPrivilege(s)
  ☆13Updated 11 months ago
• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆29Updated last year
• smokeme / ansible-havoc
  Scripts I use to deploy Havoc on Linode and setup categorization and SSL
  ☆40Updated 11 months ago
• 0xb11a1 / sliver_extension_uac_bypass_cmstp
  Sliver extension to bypass UAC via cmstp written in rust
  ☆27Updated 11 months ago
• ASP4RUX / bypassEDR-AV
  ☆56Updated 5 months ago
• n0tspam / RunspaceLoader
  Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe
  ☆13Updated last year