Alternatives and similar repositories for VSTO-POC

Users that are interested in VSTO-POC are comparing it to the libraries listed below

• scriptchildie / gohellsgate
  Golang Implementation of Hell's gate
  ☆19Updated 2 years ago
• RixedLabs / IDLE-Abuse
  A method to execute shellcode using RegisterWaitForInputIdle API.
  ☆55Updated 2 years ago
• netbiosX / GhostLoader
  GhostLoader - AppDomainManager - Injection - 攻壳机动队
  ☆54Updated 5 years ago
• shantanu561993 / DLL-Sideload
  ☆41Updated 2 years ago
• attl4s / freeMetsrvLoader
  freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package
  ☆33Updated 2 years ago
• Orange-Cyberdefense / EDRSnowblast
  This project is an EDRSandblast fork, adding some features and custom pieces of code.
  ☆23Updated last year
• OffenseTeacher / Steganim
  ☆47Updated 2 years ago
• thalpius / Microsoft-Defender-for-Identity-Encrypted-Password
  ☆36Updated last year
• EspressoCake / BetterPipename
  Example of using Sleep to create better named pipes.
  ☆41Updated 2 years ago
• Octoberfest7 / Proxy_Egress_Persistence
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆33Updated 2 years ago
• G0ldenGunSec / DayBird
  Extension functionality for the NightHawk operator client
  ☆27Updated last year
• Allevon412 / BreadBear
  A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/
  ☆31Updated last year
• jfmaes / DeepSleep
  all credits go to @mgeeky
  ☆64Updated 3 years ago
• V3ded / ToolDump-v1
  Some of my custom "tools".
  ☆29Updated 3 years ago
• ps1337 / Lastenzug
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆26Updated 3 years ago
• Octoberfest7 / Cohab_Processes
  A small Aggressor script to help Red Teams identify foreign processes on a host machine
  ☆84Updated 2 years ago
• rbmm / SDD
  Self Delete DLL
  ☆23Updated last year
• mgeeky / msi-shenanigans
  Proof of Concept code and samples presenting emerging threat of MSI installer files.
  ☆86Updated 2 years ago
• eladshamir / BadWindowsService
  An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities
  ☆62Updated 3 years ago
• jsecu / ElevatedEvents
  ☆31Updated 2 years ago
• praetorian-inc / Matryoshka
  Matryoshka loader is a tool that red team operators can leverage to generate shellcode for Microsoft Office document phishing payloads.
  ☆39Updated 4 years ago
• rkbennett / pyThreadlessInject
  A python port of CCob's ThreadlessInject
  ☆25Updated 2 years ago
• KingOfTheNOPs / EnableWebDAVClient-BOF
  Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts
  ☆22Updated last year
• Allevon412 / BreadManModuleStomping
  ☆43Updated last year
• Wh04m1001 / PICDumper
  ☆25Updated 3 years ago
• inb1ts / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆40Updated 2 years ago
• Quack2332 / Simple-.NET-Obfuscator-PoC
  ☆24Updated last year
• hackerhouse-opensource / Gigabyte_ElevatePersist
  Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…
  ☆31Updated 2 years ago
• dobin / antniumui
  The Web UI for Antnium
  ☆27Updated 3 years ago
• Workday / raw-disk-parser
  A tool to interact with Windows drivers to perform a raw disk read and parse out target files without calling standard Windows file APIs
  ☆18Updated last week