Alternatives and similar repositories for elf-in-memory-exec

Users that are interested in elf-in-memory-exec are comparing it to the libraries listed below

• 0xTriboulet / ZeroTotal
  A collection of source code, binaries, and compilation scripts designed to bypass detection
  ☆25Updated 2 years ago
• skelsec / aardwolfgui
  Asynchronous RDP/VNC client for Python (GUI)
  ☆71Updated 5 months ago
• moloch-- / sliver-script
  TypeScript/JavaScript client libraries for Sliver
  ☆20Updated 2 years ago
• skelsec / asysocks
  Socks5 / Socks4 client and server library
  ☆70Updated 2 months ago
• byt3bl33d3r / playwright-heap-snapshot
  API and CLI tool to fetch and query Chome DevTools heap snapshots (Python & Playwright)
  ☆14Updated last year
• HuskyHacks / the-crown-defcon615
  Repo for The Crown: Exploratory Analysis of Nim Malware DEF CON 615 talk
  ☆45Updated 3 years ago
• redcode-labs / Solaris
  A local LKM rootkit loader/dropper that lists available security mechanisms
  ☆52Updated 3 years ago
• zimawhit3 / HellsGateNim
  A quick example of the Hells Gate technique in Nim
  ☆96Updated 3 years ago
• melotic / nanostorm
  An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.
  ☆19Updated 5 months ago
• jfmaes / DeepSleep
  all credits go to @mgeeky
  ☆64Updated 3 years ago
• S3cur3Th1sSh1t / NimShellcodeFluctuation
  ShellcodeFluctuation PoC ported to Nim
  ☆77Updated 2 years ago
• aancw / DllProxy-rs
  Rust Implementation of SharpDllProxy for DLL Proxying Technique
  ☆30Updated 2 years ago
• CymulateResearch / Blindside
  Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms
  ☆127Updated 2 years ago
• Kudaes / CustomEntryPoint
  Select any exported function in a dll as the new dll's entry point.
  ☆79Updated 7 months ago
• skylerknecht / messenger
  A tunneling toolkit enabling operators to move data from one place to another evasively.
  ☆60Updated 2 weeks ago
• MythicC2Profiles / http
  Simple HTTP async comms using standard GET/POST requests
  ☆35Updated 2 months ago
• sidaf / moonshine
  ☆69Updated last year
• xforcered / AdvSim.Cryptography
  Simple and sane cryptographic wrapper library.
  ☆27Updated 2 years ago
• MiBaLToALeX / ShellOrd
  ShellOrd is a C2 (Command & Control) framework cross-platform and agent written in Rust & Java
  ☆14Updated 9 months ago
• stavinski / winhook
  Go library to allow native inline hooking in windows at runtime
  ☆14Updated last year
• frkngksl / ParallelNimcalls
  Nim version of MDSec's Parallel Syscall PoC
  ☆125Updated 3 years ago
• pygrum / monarch
  Monarch - The Adversary Emulation Toolkit
  ☆62Updated 5 months ago
• Teach2Breach / hollow_rs
  A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.
  ☆29Updated 4 months ago
• zimnyaa / inmembof.py
  A small example of loading BOFs in Python with pure reflection
  ☆19Updated 2 years ago
• qtc-de / rpv-web
  rpv-web is a browser based frontend for the rpv library
  ☆25Updated 3 weeks ago
• Alh4zr3d / PowerShell-via-CSharp
  A simple C# program to unhook AMSI and execute unmanaged PowerShell.
  ☆19Updated 3 years ago
• itaymigdal / GhostNap
  Sleep obfuscation for shellcode implants and their reflective shit
  ☆51Updated last year
• dis0rder0x00 / CanYouCTheThief
  A C implementation of the Sektor7 "A Thief" Windows privesc technique.
  ☆62Updated 3 years ago
• T4TCH3R / RedditC2
  Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic lo…
  ☆25Updated 2 years ago
• mttaggart / quasar
  quASAR: ASAR manipulation made easy
  ☆38Updated 2 years ago