☆38Oct 16, 2025Updated 5 months ago
Alternatives and similar repositories for lolmil
Users that are interested in lolmil are comparing it to the libraries listed below
Sorting:
- Simple and sane cryptographic wrapper library.☆27Apr 21, 2023Updated 2 years ago
- A tool that bypasses Windows Defender by manually loading DLLs, parsing EAT directly, and updating IAT with unhooked functions to run M…☆21Jul 14, 2024Updated last year
- Open Source Implementation of Cobalt Strike's Malleable C2☆96Jan 27, 2026Updated last month
- ☆37Nov 8, 2024Updated last year
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections☆170May 17, 2023Updated 2 years ago
- Win32 keylogger that supports all (non-ime using) languages correctly☆53Dec 21, 2023Updated 2 years ago
- A small set of Beacon Object Files (BOFs) that I developed over the time with a Magic: The Gathering theme.☆18Jul 15, 2025Updated 8 months ago
- Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique☆20Dec 3, 2024Updated last year
- Detect BypassUAC using AMSI☆29Feb 18, 2025Updated last year
- 64-bit, position-independent implant template for Windows in Rust.☆174Nov 28, 2025Updated 3 months ago
- One-header configurable C++20 COFF loader☆21Jul 21, 2025Updated 7 months ago
- Zero dependency browser extension for handling import of cookies, Microsoft 365 OAuth tokens, and Graph API interactions.☆23Feb 26, 2026Updated 3 weeks ago
- ECC Public Key Cryptography☆37Oct 29, 2023Updated 2 years ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆26Apr 21, 2025Updated 10 months ago
- Registers Vectored Exception Handlers by directly manipulating internal LdrpVectorHandlerList structure instead of calling RtlAddVectored…☆35Jan 18, 2026Updated 2 months ago
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Jun 18, 2022Updated 3 years ago
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆17Aug 14, 2023Updated 2 years ago
- Boilerplate to develop raw and truly Position Independent Code (PIC).☆117Jan 20, 2025Updated last year
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆50May 8, 2024Updated last year
- A set of programs for analyzing common vulnerabilities in COM☆249Sep 8, 2024Updated last year
- Охотник (Hunter) is a simple Adversary Simulation tool developed for achieves stealth through API unhooking, direct and indirect syscalls…☆93Apr 23, 2025Updated 10 months ago
- Reverse Socks5 proxy for windows☆16Oct 13, 2022Updated 3 years ago
- Educational proof-of-concept demonstrating DEP/NX bypass using hardware breakpoints, vectored exception handling, and instruction emulati…☆99Oct 17, 2025Updated 5 months ago
- CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution☆51Apr 22, 2024Updated last year
- Folder Or File Delete to Get System Shell on Current Session Desktop☆47Jan 14, 2025Updated last year
- Position-independent Reflective Loader for macOS☆119Feb 19, 2026Updated last month
- An advanced utility for converting Windows Portable Executable (PE) files to position-independent code (PIC) shellcode. It enables execut…☆66Mar 1, 2025Updated last year
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 3 years ago
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.☆164Oct 31, 2024Updated last year
- ForsHops☆152Mar 25, 2025Updated 11 months ago
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- Repository to gather the .NET malware I will be developing☆18Mar 7, 2026Updated last week
- tsh多终端代理通信☆19Feb 26, 2025Updated last year
- Rusty Hell's Gate / Halo's Gate / Tartarus' Gate / FreshyCalls / Syswhispers2 Library☆33Sep 23, 2022Updated 3 years ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆234Feb 12, 2025Updated last year
- Bypassing Amsi using LdrLoadDll☆47Jan 8, 2025Updated last year
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆43Apr 6, 2025Updated 11 months ago
- Dump Teams conversations☆18Jun 9, 2021Updated 4 years ago
- (MeetC2 a.k.a Meeting C2) - A framework abusing Google Calendar APIs.☆132Sep 4, 2025Updated 6 months ago