Alternatives and similar repositories for pamspy:

Users that are interested in pamspy are comparing it to the libraries listed below

• h3xduck / TripleCross
  A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
  ☆1,842Updated last year
• krisnova / boopkit
  Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
  ☆1,611Updated last year
• eeriedusk / knockles
  eBPF Port Knocking Tool
  ☆233Updated last year
• Gui774ume / ebpfkit
  ebpfkit is a rootkit powered by eBPF
  ☆793Updated 2 years ago
• arget13 / DDexec
  A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.
  ☆839Updated last month
• winterknife / PINKPANTHER
  Windows x64 handcrafted token stealing kernel-mode shellcode
  ☆508Updated last year
• Fahrj / reverse-ssh
  Statically-linked ssh server with reverse shell functionality for CTFs and such
  ☆963Updated 2 years ago
• nnsee / fileless-elf-exec
  Execute ELF files without dropping them on disk
  ☆491Updated 10 months ago
• ssh-mitm / ssh-mitm
  SSH-MITM - ssh audits made simple
  ☆1,382Updated 2 months ago
• 0xricksanchez / like-dbg
  Fully dockerized Linux kernel debugging environment
  ☆748Updated 7 months ago
• NHAS / reverse_ssh
  SSH based reverse shell
  ☆1,084Updated last week
• hackerschoice / gsocket
  Connect like there is no firewall. Securely.
  ☆1,680Updated 2 weeks ago
• liamg / dismember
  Scan memory for secrets and more. Maybe eventually a full /proc toolkit.
  ☆651Updated 2 years ago
• optiv / Mangle
  Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
  ☆1,202Updated last year
• optiv / Freeze
  Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
  ☆1,440Updated last year
• pathtofile / bad-bpf
  A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29
  ☆603Updated 10 months ago
• DavidBuchanan314 / dlinject
  Inject a shared library (i.e. arbitrary code) into a live linux process, without ptrace
  ☆786Updated 3 months ago
• DavidBuchanan314 / monomorph
  MD5-Monomorphic Shellcode Packer - all payloads have the same MD5 hash
  ☆789Updated 2 years ago
• firefart / stunner
  Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers.
  ☆794Updated this week
• irsl / gcp-dhcp-takeover-code-exec
  Google Compute Engine (GCE) VM takeover via DHCP flood - gain root access by getting SSH keys added by google_guest_agent
  ☆536Updated 3 years ago
• blendin / 3snake
  Tool for extracting information from newly spawned processes
  ☆753Updated 3 years ago
• onekey-sec / unblob
  Extract files from any kind of container formats
  ☆2,308Updated this week
• liamg / memit
  Run binaries straight from memory in Linux
  ☆316Updated 2 years ago
• darkr4y / geacon
  Practice Go programming and implement CobaltStrike's Beacon in Go
  ☆1,197Updated 4 years ago
• bsauce / kernel-exploit-factory
  Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your enviro…
  ☆1,220Updated 9 months ago
• RedTeamPentesting / pretender
  Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.
  ☆1,094Updated 2 months ago
• lrh2000 / StackRot
  CVE-2023-3269: Linux kernel privilege escalation vulnerability
  ☆477Updated last year
• goretk / redress
  Redress - A tool for analyzing stripped Go binaries
  ☆1,030Updated this week
• Bonfee / CVE-2022-25636
  CVE-2022-25636
  ☆429Updated 3 years ago
• tr3ee / CVE-2022-23222
  CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation
  ☆566Updated 2 years ago