daem0nc0re/PrivFu

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/daem0nc0re/PrivFu)

daem0nc0re / PrivFu

Kernel mode WinDbg extension and PoCs for token privilege investigation.

☆900

Alternatives and similar repositories for PrivFu

Users that are interested in PrivFu are comparing it to the libraries listed below

Sorting:

daem0nc0re / TangledWinExec
View on GitHub
PoCs and tools for investigation of Windows process execution techniques
☆953Feb 2, 2026Updated last month
kyleavery / AceLdr
View on GitHub
Cobalt Strike UDRL for memory scanner evasion.
☆1,006Jun 4, 2024Updated last year
outflanknl / C2-Tool-Collection
View on GitHub
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…
☆1,370Oct 27, 2023Updated 2 years ago
deepinstinct / Dirty-Vanity
View on GitHub
A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
☆676Dec 23, 2022Updated 3 years ago
daem0nc0re / AtomicSyscall
View on GitHub
Tools and PoCs for Windows syscall investigation.
☆368Dec 2, 2025Updated 3 months ago
Cracked5pider / Stardust
View on GitHub
A modern 32/64-bit position independent implant template
☆1,295Mar 21, 2025Updated 11 months ago
lem0nSec / ShellGhost
View on GitHub
A memory-based evasion technique which makes shellcode invisible from process start to end.
☆1,198Oct 16, 2023Updated 2 years ago
Accenture / Spartacus
View on GitHub
Spartacus DLL/COM Hijacking Toolkit
☆1,083Feb 1, 2024Updated 2 years ago
klezVirus / SysWhispers3
View on GitHub
SysWhispers on Steroids - AV/EDR evasion via direct system calls.
☆1,594Jul 31, 2024Updated last year
fortra / nanodump
View on GitHub
The swiss army knife of LSASS dumping
☆2,072Sep 17, 2024Updated last year
boku7 / BokuLoader
View on GitHub
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
☆1,401Nov 22, 2023Updated 2 years ago
wavestone-cdt / EDRSandblast
View on GitHub
☆1,787Aug 30, 2024Updated last year
decoder-it / LocalPotato
View on GitHub
☆707Nov 7, 2023Updated 2 years ago
kyleavery / inject-assembly
View on GitHub
Inject .NET assemblies into an existing process
☆508Jan 19, 2022Updated 4 years ago
Dec0ne / KrbRelayUp
View on GitHub
KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default…
☆1,631Aug 6, 2022Updated 3 years ago
thefLink / Hunt-Sleeping-Beacons
View on GitHub
Aims to identify sleeping beacons
☆662Jan 25, 2026Updated last month
CCob / ThreadlessInject
View on GitHub
Threadless Process Injection using remote function hooking.
☆810Sep 4, 2024Updated last year
itm4n / PPLdump
View on GitHub
Dump the memory of a PPL with a userland exploit
☆889Jul 24, 2022Updated 3 years ago
rad9800 / TamperingSyscalls
View on GitHub
☆505Aug 14, 2022Updated 3 years ago
deepinstinct / Lsass-Shtinkering
View on GitHub
☆383Jan 19, 2023Updated 3 years ago
trustedsec / CS-Remote-OPs-BOF
View on GitHub
Remote operations commands implemented using Beacon Object Files
☆1,120Feb 23, 2026Updated last week
Cracked5pider / KaynLdr
View on GitHub
KaynLdr is a Reflective Loader written in C/ASM
☆555Dec 3, 2023Updated 2 years ago
antonioCoco / SspiUacBypass
View on GitHub
Bypassing UAC with SSPI Datagram Contexts
☆461Sep 24, 2023Updated 2 years ago
JanielDary / ImmoralFiber
View on GitHub
Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
☆283Sep 18, 2024Updated last year
Kudaes / Elevator
View on GitHub
UAC bypass by abusing RPC and debug objects.
☆627Oct 19, 2023Updated 2 years ago
klezVirus / SilentMoonwalk
View on GitHub
PoC Implementation of a fully dynamic call stack spoofer
☆922Jul 20, 2024Updated last year
thefLink / DeepSleep
View on GitHub
A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
☆374May 24, 2022Updated 3 years ago
aahmad097 / AlternativeShellcodeExec
View on GitHub
Alternative Shellcode Execution Via Callbacks
☆1,698Nov 11, 2022Updated 3 years ago
icyguider / Shhhloader
View on GitHub
Syscall Shellcode Loader (Work in Progress)
☆1,259May 8, 2024Updated last year
mgeeky / ThreadStackSpoofer
View on GitHub
Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation fr…
☆1,196Jun 17, 2022Updated 3 years ago
Yaxser / Backstab
View on GitHub
A tool to kill antimalware protected processes
☆1,506Jun 19, 2021Updated 4 years ago
cube0x0 / KrbRelay
View on GitHub
Framework for Kerberos relaying
☆937May 29, 2022Updated 3 years ago
Mr-Un1k0d3r / EDRs
View on GitHub
☆2,168Feb 21, 2023Updated 3 years ago
xforcered / BokuLoader
View on GitHub
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
☆336Jul 20, 2024Updated last year
CCob / SharpBlock
View on GitHub
A method of bypassing EDR's active projection DLL's by preventing entry point exection
☆1,163Mar 31, 2021Updated 4 years ago
VoldeSec / PatchlessCLRLoader
View on GitHub
.NET assembly loader with patchless AMSI and ETW bypass
☆368Apr 19, 2023Updated 2 years ago
wh0amitz / S4UTomato
View on GitHub
Escalate Service Account To LocalSystem via Kerberos
☆403Sep 14, 2023Updated 2 years ago
0xEr3bus / PoolPartyBof
View on GitHub
A beacon object file implementation of PoolParty Process Injection Technique.
☆434Dec 21, 2023Updated 2 years ago
med0x2e / SigFlip
View on GitHub
SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature…
☆1,255Aug 27, 2023Updated 2 years ago