Alternatives and similar repositories for VSTO-POC

Users that are interested in VSTO-POC are comparing it to the libraries listed below

• Octoberfest7 / Cohab_Processes
  A small Aggressor script to help Red Teams identify foreign processes on a host machine
  ☆84Updated 2 years ago
• RixedLabs / IDLE-Abuse
  A method to execute shellcode using RegisterWaitForInputIdle API.
  ☆55Updated 2 years ago
• Octoberfest7 / Proxy_Egress_Persistence
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆33Updated 3 years ago
• netbiosX / GhostLoader
  GhostLoader - AppDomainManager - Injection - 攻壳机动队
  ☆52Updated 5 years ago
• thalpius / Microsoft-Defender-for-Identity-Encrypted-Password
  ☆36Updated last year
• attl4s / freeMetsrvLoader
  freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package
  ☆35Updated 2 years ago
• EspressoCake / BetterPipename
  Example of using Sleep to create better named pipes.
  ☆41Updated 2 years ago
• OffenseTeacher / Steganim
  ☆47Updated 2 years ago
• phackt / wptsextensions.dll
  WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.
  ☆55Updated 4 years ago
• V3ded / ToolDump-v1
  Some of my custom "tools".
  ☆29Updated 3 years ago
• mgeeky / msi-shenanigans
  Proof of Concept code and samples presenting emerging threat of MSI installer files.
  ☆88Updated 2 years ago
• Allevon412 / BreadBear
  A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/
  ☆31Updated last year
• jfmaes / DeepSleep
  all credits go to @mgeeky
  ☆64Updated 4 years ago
• snovvcrash / BOFs
  Beacon Object Files (not Buffer Overflows)
  ☆56Updated 2 years ago
• bugch3ck / SharpLdapWhoami
  WhoAmI by asking the LDAP service on a domain controller.
  ☆64Updated 3 years ago
• Adepts-Of-0xCC / SnoopyOwl
  ☆48Updated 4 years ago
• jsecu / BOF-pack-1
  A care package of useful bofs for red team engagments
  ☆55Updated 11 months ago
• EspressoCake / DLL-Exports-Extraction-BOF
  DLL Exports Extraction BOF with optional NTFS transactions.
  ☆84Updated 4 years ago
• Allevon412 / BreadManModuleStomping
  ☆43Updated 2 years ago
• jsecu / ElevatedEvents
  ☆31Updated 3 years ago
• ps1337 / Lastenzug
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆26Updated 3 years ago
• Orange-Cyberdefense / EDRSnowblast
  This project is an EDRSandblast fork, adding some features and custom pieces of code.
  ☆23Updated 2 years ago
• Bl4ckM1rror / PEAs
  ☆61Updated last year
• dobin / antniumui
  The Web UI for Antnium
  ☆27Updated 3 years ago
• dosxuz / ProcessGhosting
  Small POC for process ghosting
  ☆40Updated 3 years ago
• mobdk / Upsilon
  Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used
  ☆92Updated 4 years ago
• zimawhit3 / DynimicGhostWriting
  Windows x64 Process Injection via Ghostwriting with Dynamic Configuration
  ☆29Updated 4 years ago
• 0xbad53c / OffSecOps-Arsenal
  Aggressor script to automatically download and load an arsenal of open source and private Cobalt Strike tooling.
  ☆44Updated last year
• OtterHacker / Cerbere
  ☆49Updated 2 years ago
• inb1ts / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆41Updated 2 years ago