a C# implementation for a shellcode loader that capable to bypass Cortex XDR and Sophos EDR.
☆93May 24, 2025Updated 9 months ago
Alternatives and similar repositories for LoaderGate
Users that are interested in LoaderGate are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Beacon Object File (BOF) for identifying dependent child services of a given parent.☆19Jun 20, 2025Updated 9 months ago
- A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike☆193Oct 29, 2025Updated 4 months ago
- Locate dlls and function addresses without PEB Walk and EAT parsing☆105Nov 7, 2025Updated 4 months ago
- ☆52May 4, 2025Updated 10 months ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 7 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆46Feb 24, 2026Updated 3 weeks ago
- Lateral Movement via the .NET Profiler☆100Nov 21, 2024Updated last year
- ☆19Dec 18, 2024Updated last year
- Updated version of a long known self deletion technique to work with 24H2.☆61Jun 9, 2025Updated 9 months ago
- Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM☆64Dec 25, 2025Updated 2 months ago
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆50May 8, 2024Updated last year
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆151Apr 18, 2025Updated 11 months ago
- AV bypass while you sip your Chai!☆223May 17, 2024Updated last year
- ☆147Nov 6, 2025Updated 4 months ago
- ☆48Dec 5, 2025Updated 3 months ago
- alternative to procdump☆11May 26, 2021Updated 4 years ago
- Robust Cobalt Strike shellcode loader with multiple advanced evasion features☆200Apr 21, 2025Updated 11 months ago
- ☆26Mar 10, 2022Updated 4 years ago
- Weaponize signed .NET ClickOnce applications for initial access by hijacking a dependency DLL via AppDomainManager injection and loading …☆147Feb 14, 2026Updated last month
- Cobalt Strike BOF for evasive .NET assembly execution☆309Mar 31, 2025Updated 11 months ago
- A python library to create BloodHound OpenGraphs☆56Feb 4, 2026Updated last month
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆124Jan 17, 2026Updated 2 months ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆283Apr 6, 2025Updated 11 months ago
- Rust implementation, creating a scheduled task programmatically with user logon trigger.☆47Jun 10, 2025Updated 9 months ago
- Automated DLL Hijacking Discovery, Validation, and Confirmation. Turning local misconfigurations into weaponized, confirmed attack paths.☆225Mar 13, 2026Updated last week
- Ludus role for deploying a Mythic Teamserver onto Linux servers☆23Mar 16, 2025Updated last year
- ☆12Nov 12, 2023Updated 2 years ago
- CVE-2025-59501 POC code☆25Nov 20, 2025Updated 4 months ago
- An Ansible collection that installs an SCCM deployment with optional configurations.☆101Dec 8, 2025Updated 3 months ago
- Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…☆200Jun 17, 2025Updated 9 months ago
- One-header configurable C++20 COFF loader☆21Jul 21, 2025Updated 8 months ago
- Red teaming tool to dump LSASS memory, bypassing basic countermeasures.☆246Mar 9, 2026Updated 2 weeks ago
- A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.☆129Jan 28, 2026Updated last month
- Enumerate Domain Users Without Authentication☆282Apr 22, 2025Updated 11 months ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆32May 30, 2024Updated last year
- Pipeleek scans CI/CD logs and artifacts to detect leaked secrets and pivot from them☆19Updated this week
- Terminate AV/EDR leveraging BYOVD attack☆103Mar 21, 2025Updated last year
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆92Jan 8, 2025Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆216Oct 19, 2024Updated last year