Alternatives and similar repositories for NimPlant:

Users that are interested in NimPlant are comparing it to the libraries listed below

• naksyn / Pyramid
  a tool to help operate in EDRs' blind spots
  ☆730Updated 5 months ago
• mgeeky / PackMyPayload
  A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form…
  ☆915Updated 10 months ago
• assume-breach / Home-Grown-Red-Team
  ☆707Updated last year
• lem0nSec / ShellGhost
  A memory-based evasion technique which makes shellcode invisible from process start to end.
  ☆1,176Updated last year
• rasta-mouse / ThreatCheck
  Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.
  ☆1,193Updated 11 months ago
• NH-RED-TEAM / RustHound
  Active Directory data ingestor for BloodHound Legacy written in Rust. 🦀
  ☆1,015Updated 6 months ago
• outflanknl / C2-Tool-Collection
  A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…
  ☆1,218Updated last year
• optiv / Freeze
  Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
  ☆1,440Updated last year
• Xacone / BestEdrOfTheMarket
  AV/EDR Evasion Lab for Training & Learning Purposes
  ☆1,242Updated last week
• grimlockx / ADCSKiller
  An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
  ☆711Updated last year
• Idov31 / Sandman
  Sandman is a NTP based backdoor for red team engagements in hardened networks.
  ☆787Updated last year
• 0xHossam / Killer
  Killer is a super simple tool designed to bypass AV/EDR security tools using various evasive techniques.
  ☆806Updated 10 months ago
• chvancooten / NimPackt-v1
  Nim-based assembly packer and shellcode loader for opsec & profit
  ☆476Updated 2 years ago
• zblurx / certsync
  Dump NTDS with golden certificates and UnPAC the hash
  ☆633Updated last year
• ZeroMemoryEx / Terminator
  Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
  ☆967Updated last year
• VirtualAlllocEx / DEFCON-31-Syscalls-Workshop
  Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
  ☆658Updated last year
• icyguider / Nimcrypt2
  .NET, PE, & Raw Shellcode Packer/Loader Written in Nim
  ☆774Updated 2 years ago
• wsummerhill / C2_RedTeam_CheatSheets
  Useful C2 techniques and cheatsheets learned from engagements
  ☆502Updated last month
• WesleyWong420 / RedTeamOps-Havoc-101
  Materials for the workshop "Red Team Ops: Havoc 101"
  ☆375Updated 7 months ago
• icyguider / Shhhloader
  Syscall Shellcode Loader (Work in Progress)
  ☆1,190Updated last year
• RythmStick / AMSITrigger
  The Hunt for Malicious Strings
  ☆1,208Updated 2 years ago
• Sh3lldon / FullBypass
  A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage Power…
  ☆746Updated last month
• trustedsec / CS-Remote-OPs-BOF
  ☆963Updated 2 months ago
• r4wd3r / Suborner
  ☆469Updated 5 months ago
• kraken-ng / Kraken
  Kraken, a modular multi-language webshell coded by @secu_x11
  ☆543Updated last year
• gatariee / gocheck
  Because AV evasion should be easy.
  ☆716Updated 5 months ago
• redeye-framework / Redeye
  Redeye is a tool intended to help you manage your data during a pentest operation
  ☆465Updated 8 months ago
• aniqfakhrul / powerview.py
  Just another Powerview alternative but on steroids
  ☆681Updated last week
• CravateRouge / autobloody
  Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound
  ☆547Updated 5 months ago
• eladshamir / Whisker
  Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, …
  ☆871Updated 5 months ago