Alternatives and similar repositories for Rebellion:

Users that are interested in Rebellion are comparing it to the libraries listed below

• brosck / L1LKiller
  「⚠️」Performing a BYOVD on the truesight.sys driver
  ☆33Updated 4 months ago
• brosck / APIHookingDetector
  「⚙️」Detect which native Windows API's (NtAPI) are being hooked
  ☆38Updated 4 months ago
• HulkOperator / AuthStager
  ☆54Updated 5 months ago
• MrAle98 / psinline
  in-process powershell runner for BRC4
  ☆45Updated last year
• jfjallid / go-lsass
  Tool to aid in dumping LSASS process remotely
  ☆38Updated 8 months ago
• MatheuZSecurity / Imperius
  Make an Linux Kernel rootkit visible again.
  ☆50Updated last month
• 0xEr3bus / ShadowForgeC2
  ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.
  ☆47Updated last year
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆59Updated 8 months ago
• ricardojoserf / NativeTokenImpersonate
  Impersonate Tokens using only NTAPI functions
  ☆54Updated 2 weeks ago
• iDigitalFlame / XrMT
  e(X)tensiable (Rust) Malware Toolkit: (Soon!) Full Featured Rust C2 Framework with Awesome Features!
  ☆24Updated 8 months ago
• brosck / Frosty
  「🧊」Ring 3 Rootkit for Windows 10
  ☆57Updated 4 months ago
• p0dalirius / FindProcessesWithNamedPipes
  A simple C++ Windows tool to get information about processes exposing named pipes.
  ☆37Updated last month
• Offensive-Panda / .NET_PROFILER_DLL_LOADING
  .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…
  ☆41Updated 8 months ago
• Cracked5pider / eop24-26229
  A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from a unprivileged user
  ☆39Updated 8 months ago
• MatheuZSecurity / Infector
  This is a simple process injection made in C for Linux systems
  ☆26Updated last year
• Leo4j / PPLKiller
  Tool to bypass LSA Protection (aka Protected Process Light)
  ☆49Updated 3 months ago
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆31Updated last year
• zer1t0 / keydump
  Dump Linux keyrings
  ☆19Updated 9 months ago
• horizon3ai / CVE-2024-9465
  Proof of Concept Exploit for CVE-2024-9465
  ☆29Updated 6 months ago
• knight0x07 / WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
  Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)
  ☆40Updated last year
• decoder-it / DFSCoerce-exe-2
  DFSCoerce exe revisited version with custom authentication
  ☆38Updated last year
• syncwithali / HavocExploit
  A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc.
  ☆35Updated last year
• PShlyundin / TimeSync
  Tool to obtain hash using MS-SNTP for user accounts
  ☆21Updated 2 months ago
• ZephrFish / HelloJackHunter
  Research into WinSxS binaries and finding hijackable paths
  ☆28Updated last week
• winsecurity / AMSI-Bypass-HWBP
  ☆20Updated last month
• ZSECURE / zDocker-cobaltstrike
  Docker container for running CobaltStrike 4.10
  ☆37Updated 7 months ago
• Teach2Breach / dll2shell
  converts sRDI compatible dlls to shellcode
  ☆23Updated 2 months ago
• Whitecat18 / earlycascade-injection
  Early cascade injection PoC based on Outflanks blog post written in Rust
  ☆53Updated 2 months ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated 10 months ago
• EspressoCake / DefenderPathExclusions
  Creation and removal of Defender path exclusions and exceptions in C#.
  ☆31Updated last year