a C# implementation for a shellcode loader that capable to bypass Cortex XDR and Sophos EDR.
☆92May 24, 2025Updated 9 months ago
Alternatives and similar repositories for LoaderGate
Users that are interested in LoaderGate are comparing it to the libraries listed below
Sorting:
- Beacon Object File (BOF) for identifying dependent child services of a given parent.☆19Jun 20, 2025Updated 8 months ago
- ☆51May 4, 2025Updated 9 months ago
- A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike☆185Oct 29, 2025Updated 4 months ago
- Locate dlls and function addresses without PEB Walk and EAT parsing☆104Nov 7, 2025Updated 3 months ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆137Apr 18, 2025Updated 10 months ago
- ☆26Mar 10, 2022Updated 3 years ago
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆51May 8, 2024Updated last year
- Lateral Movement via the .NET Profiler☆100Nov 21, 2024Updated last year
- modified mssqlclient from impacket to extract policies from the SCCM database☆44Updated this week
- Updated version of a long known self deletion technique to work with 24H2.☆61Jun 9, 2025Updated 8 months ago
- Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra…☆75Nov 6, 2025Updated 3 months ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 6 months ago
- ☆146Nov 6, 2025Updated 3 months ago
- alternative to procdump☆11May 26, 2021Updated 4 years ago
- A service container for interacting with SRA's VECTR☆16Apr 9, 2025Updated 10 months ago
- ☆19Dec 18, 2024Updated last year
- Ludus role for deploying a Mythic Teamserver onto Linux servers☆23Mar 16, 2025Updated 11 months ago
- Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM☆63Dec 25, 2025Updated 2 months ago
- AV bypass while you sip your Chai!☆224May 17, 2024Updated last year
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆283Apr 6, 2025Updated 10 months ago
- Robust Cobalt Strike shellcode loader with multiple advanced evasion features☆200Apr 21, 2025Updated 10 months ago
- bypass edr杀软的dumplsass工具☆21Mar 21, 2025Updated 11 months ago
- Rust implementation, creating a scheduled task programmatically with user logon trigger.☆47Jun 10, 2025Updated 8 months ago
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆92Jan 8, 2025Updated last year
- A simple to use single-include Windows API resolver☆23Jul 9, 2024Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆215Oct 19, 2024Updated last year
- A python library to create BloodHound OpenGraphs☆53Feb 4, 2026Updated 3 weeks ago
- An Ansible collection that installs an SCCM deployment with optional configurations.☆101Dec 8, 2025Updated 2 months ago
- An interactive TUI tool to create Brute Ratel C4 profiles based on BURP browsing data.☆31May 23, 2025Updated 9 months ago
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆362Jan 29, 2026Updated last month
- Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…☆199Jun 17, 2025Updated 8 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆124Jan 17, 2026Updated last month
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆33May 30, 2024Updated last year
- ☆47Dec 5, 2025Updated 2 months ago
- tool for requesting Entra ID's P2P certificate and authenticating to a remote Entra joinned devices with it☆131Aug 23, 2025Updated 6 months ago
- Terminate AV/EDR leveraging BYOVD attack☆104Mar 21, 2025Updated 11 months ago
- Local & remote Windows DLL Proxying☆169Jun 17, 2024Updated last year
- A C implementation for a stealth injection method☆38Jan 30, 2026Updated last month
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆154Nov 2, 2025Updated 4 months ago