Alternatives and similar repositories for LOI-Bins

Users that are interested in LOI-Bins are comparing it to the libraries listed below

• stavinski / winhook

  View on GitHub
  Go library to allow native inline hooking in windows at runtime
  ☆14Feb 7, 2024Updated 2 years ago
• 0xflagplz / Xll-Payload-Generator

  View on GitHub
  Excel Add In Payload Generator
  ☆14Oct 9, 2023Updated 2 years ago
• VirtualAlllocEx / Create_Thread_Inline_Assembly_x86

  View on GitHub
  This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly
  ☆20Apr 17, 2023Updated 2 years ago
• nullsection / SharpETW-Patch

  View on GitHub
  ☆23Nov 29, 2023Updated 2 years ago
• BC-SECURITY / IronSharpPack

  View on GitHub
  IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…
  ☆118May 2, 2024Updated last year
• vyrus001 / ebowla-2

  View on GitHub
  reboot of https://github.com/Genetic-Malware/Ebowla in order to simplify / modernize the codebase and provide ongoing support
  ☆23Sep 15, 2021Updated 4 years ago
• MythicAgents / scarecrow_wrapper

  View on GitHub
  ☆22Jun 9, 2025Updated 8 months ago
• ytk2128 / api-monitor32

  View on GitHub
  A simple tool for detecting memory modifications to Windows API.
  ☆23Jan 9, 2025Updated last year
• MythicAgents / bloodhound

  View on GitHub
  Bloodhound agent for Mythic
  ☆23Apr 19, 2025Updated 9 months ago
• RixedLabs / IDLE-Abuse

  View on GitHub
  A method to execute shellcode using RegisterWaitForInputIdle API.
  ☆55Apr 4, 2023Updated 2 years ago
• 4ndr34z / ntlmthief

  View on GitHub
  ☆52Feb 8, 2024Updated 2 years ago
• awgh / madns

  View on GitHub
  DNS server for pentesters
  ☆50Nov 2, 2025Updated 3 months ago
• Shrfnt77 / DynamicSyscalls

  View on GitHub
  DynamicSyscalls is a library written in .net resolves the syscalls dynamically (Has nothing to do with hooking/unhooking)
  ☆66Nov 13, 2022Updated 3 years ago
• G0ldenGunSec / DayBird

  View on GitHub
  Extension functionality for the NightHawk operator client
  ☆26Nov 3, 2023Updated 2 years ago
• MythicAgents / nemesis

  View on GitHub
  Nemesis agent for Mythic
  ☆28Dec 11, 2025Updated 2 months ago
• mertdas / RedPersist

  View on GitHub
  ☆222Mar 10, 2024Updated last year
• ps1337 / Lastenzug

  View on GitHub
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆26Jul 21, 2022Updated 3 years ago
• Xenov-X / PoSH_Teams_Message_Thief

  View on GitHub
  Quick and dirty PoSH code to read teams messages
  ☆23Feb 5, 2025Updated last year
• Tylous / Ivy

  View on GitHub
  Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …
  ☆24Apr 4, 2023Updated 2 years ago
• ins1gn1a / WoollyMammoth

  View on GitHub
  Toolkit for manual buffer exploitation, which features a basic network socket fuzzer, offset pattern generator and detector, bad characte…
  ☆24Nov 24, 2019Updated 6 years ago
• FourCoreLabs / TrustedInstallerPOC

  View on GitHub
  A simple go Proof of Concept to start a new shell as TrustedInstaller
  ☆63Sep 11, 2023Updated 2 years ago
• walnutsecurity / cve-2021-42013

  View on GitHub
  cve-2021-42013.py is a python script that will help in finding Path Traversal or Remote Code Execution vulnerability in Apache 2.4.50
  ☆25Jan 23, 2023Updated 3 years ago
• Bl4ckM1rror / PEAs

  View on GitHub
  ☆61Dec 15, 2023Updated 2 years ago
• SafeBreach-Labs / EDRaser

  View on GitHub
  EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offer…
  ☆374Apr 6, 2024Updated last year
• Dec0ne / ShadowSpray

  View on GitHub
  A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…
  ☆482Oct 14, 2022Updated 3 years ago
• deepinstinct / VSTO-POC

  View on GitHub
  A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously
  ☆32Feb 3, 2023Updated 3 years ago
• Sh4N4C1 / sh4loader

  View on GitHub
  ☆29Sep 4, 2024Updated last year
• ZephrFish / ADFSDump-PS

  View on GitHub
  PowerShell Implementation of ADFSDump to assist with GoldenSAML
  ☆38Dec 7, 2025Updated 2 months ago
• malleum-inc / armitage

  View on GitHub
  Fork from @rsmudge/armitage
  ☆34Dec 6, 2022Updated 3 years ago
• 0xthirteen / PerfExec

  View on GitHub
  ☆80Aug 2, 2023Updated 2 years ago
• S3cur3Th1sSh1t / NamedPipePTH

  View on GitHub
  Pass the Hash to a named pipe for token Impersonation
  ☆146May 1, 2021Updated 4 years ago
• IceMoonHSV / Sim

  View on GitHub
  C# User Simulation
  ☆33Oct 6, 2022Updated 3 years ago
• AlgoSecure / Pollenisator

  View on GitHub
  Collaborative pentest tool with highly customizable tools
  ☆73Jan 6, 2022Updated 4 years ago
• lsegal / cppgo

  View on GitHub
  Call virtual methods on C++ classes from Go without cgo.
  ☆88Feb 1, 2024Updated 2 years ago
• eversinc33 / SharpStartWebclient

  View on GitHub
  Programmatically start WebClient from an unprivileged session to enable that juicy privesc.
  ☆77Feb 8, 2023Updated 3 years ago
• mit-ll / SPARTA

  View on GitHub
  Security and Privacy Assurance Research Test and Assessment (SPARTA) tool suite
  ☆37Jun 2, 2017Updated 8 years ago
• rootSySdk / PowerGPOAbuse

  View on GitHub
  Powershell version of SharpGPOAbuse
  ☆90May 21, 2021Updated 4 years ago
• abdulkadir-gungor / HtmlSmuggling

  View on GitHub
  HTML smuggling is a malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachm…
  ☆143Jun 20, 2022Updated 3 years ago
• arunvnnk / AVbypass

  View on GitHub
  Techniques that i have used to evade anti-virus during pen tests.
  ☆13May 29, 2018Updated 7 years ago