Alternatives and similar repositories for vehsyscall

Users that are interested in vehsyscall are comparing it to the libraries listed below

• howmp / donut_ollvm
  Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…
  ☆66Updated last month
• b4nbird / shellcodeLoaders
  ☆28Updated 2 years ago
• CBLabresearch / PhantomExecution
  Self Cleanup in post-ex job
  ☆58Updated last year
• evilashz / Visual-Studio-BOF-template
  more conveniently Visual-Studio-BOF-template
  ☆71Updated 2 years ago
• seventeenman / SelfDel-BOF
  Delete file regardless of whether the handle is used via SetFileInformationByHandle
  ☆55Updated 2 years ago
• bestspear / ReBeacon_ForClang
  Beacon compiled using clang
  ☆72Updated 2 years ago
• kyxiaxiang / CrackSleeve4.9
  ☆43Updated 2 years ago
• timwhitez / BinHol
  Binary Hollowing
  ☆85Updated last year
• Haunted-Banshee / Shellcode-Hastur
  Shellcode Reductio Entropy Tools
  ☆73Updated 2 years ago
• TianNaYa / ProxyDll
  beta
  ☆119Updated last year
• Ryze-T / EdrKiller
  ☆92Updated 4 years ago
• y11en / schtask-bypass
  免杀计划任务进行权限维持，过主流杀软。 A schtask tool bypass anti-virus
  ☆73Updated 3 years ago
• BambiZombie / StagerDemo
  一个demo
  ☆23Updated last year
• wudun7 / obj2shellcode
  shellcode生成框架
  ☆87Updated last year
• AgeloVito / self_delete_bof
  BOF implementation of delete self poc that delete a locked executable or a currently running file from disk by its pid, path, or the curr…
  ☆78Updated 2 years ago
• M0nster3 / ITaskServers
  Bypass EDR Create TaskServers
  ☆37Updated 2 years ago
• qi4L / Blackout-go
  kill AV/EDR
  ☆22Updated 2 years ago
• parzel / GoBofRunner
  A BOF/COFF loader implemented in Go and CGO.
  ☆22Updated last year
• kyxiaxiang / CrackSleeve4.5
  CobaltStrike4.5 Sleeve解密文件，搬砖加一点点修改, 仅作备份使用.
  ☆34Updated 3 years ago
• yzddmr6 / SharpAlternativeShellcodeExec
  Alternative Shellcode Execution Via Callbacks Rewrite In C#
  ☆89Updated 2 years ago
• StarfireLab / BrowserPivot
  ☆31Updated 2 years ago
• clownfive / CustomStack
  自定义函数堆栈，从而绕过ETW检测，这个是完整版。
  ☆13Updated last year
• huoji120 / APT_Step_Bear_Inject
  复现《EDR的梦魇：Storm-0978使用新型内核注入技术“Step Bear”》
  ☆141Updated last year
• Like0x / AddDefenderExclusions-BOF
  AddDefenderExclusions Beacon Object File
  ☆40Updated 2 years ago
• JDArmy / NO445-lateral-movement
  command execute without 445 port
  ☆52Updated 3 years ago
• djhons / kcpSocks5
  使用kcp实现的socks5正向代理
  ☆12Updated last year
• AgeloVito / adduserbysamr-bof
  Cobalt Strike BOF that Add a user to localgroup by samr
  ☆131Updated 3 years ago
• huoji120 / sleep_duck_eye
  Stack integrity verification to Detect SleepMask or CallStack Spoofer
  ☆38Updated 4 months ago
• myzxcg / BypassUAC-Dll
  Use COM Component Bypass UAC,Dll Version
  ☆36Updated 4 years ago
• qi4L / sRDI-rs
  Rust 重构的 sRDI
  ☆17Updated last year