Alternatives and similar repositories for HelloWorldXll

Users that are interested in HelloWorldXll are comparing it to the libraries listed below

• Cobalt-Strike / ProxyDLLExample
  code for the Proxy DLL example blog post
  ☆61Updated 3 years ago
• med0x2e / vba2clr
  Running .NET from VBA
  ☆146Updated 2 years ago
• p3nt4 / RunDLL.Net
  Execute .Net assemblies using Rundll32.exe
  ☆112Updated 4 years ago
• TheWover / Manager
  Library of tools and examples for loading/bootstrapping managed code from unmanaged code in .NET
  ☆63Updated 5 years ago
• glinares / VBA-Stendhal
  Inject Encrypted Commands Into EMF Shapes for C2 In VBA / Office Malware
  ☆38Updated 4 years ago
• TheWover / ModuleMonitor
  Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…
  ☆41Updated 6 years ago
• djhohnstein / SharpSC
  Simple .NET assembly to interact with services.
  ☆40Updated 5 years ago
• ctxis / DynamicWrapperEx
  x64 Registration-Free In-Process COM Automation Server.
  ☆48Updated 2 years ago
• BaptisteVeyssiere / vba-macro-obfuscator
  Python script to obfuscate VBA (Virtual Basic for Applications) macros
  ☆56Updated 5 years ago
• ambray / ProcessHollowing
  Simple Process Hollowing in C#
  ☆69Updated 7 years ago
• FuzzySecurity / Dendrobate
  Managed code hooking template.
  ☆131Updated 3 years ago
• Adepts-Of-0xCC / VBA-macro-experiments
  Collection of VBA macro published in our twitter / blog
  ☆157Updated 2 years ago
• breakid / SharpUtils
  A collection of C# utilities intended to be used with Cobalt Strike's execute-assembly
  ☆48Updated 2 years ago
• netbiosX / GhostLoader
  GhostLoader - AppDomainManager - Injection - 攻壳机动队
  ☆54Updated 5 years ago
• NVISOsecurity / DInvisibleRegistry
  DInvisibleRegistry
  ☆82Updated 4 years ago
• Soledge / BlockEtw
  .Net Assembly to block ETW telemetry in current process
  ☆79Updated 5 years ago
• med0x2e / NoAmci
  Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().
  ☆217Updated 5 years ago
• RedLectroid / APIunhooker
  C++ function that will automagically unhook a specified Windows API
  ☆63Updated 4 years ago
• rmdavy / VBAFunctionPointers
  ☆19Updated 4 years ago
• mgeeky / msi-shenanigans
  Proof of Concept code and samples presenting emerging threat of MSI installer files.
  ☆84Updated 2 years ago
• CCob / ProvisionAppx
  ☆39Updated 2 years ago
• jackullrich / universal-syscall-64
  Resolve syscall numbers at runtime for all Windows versions.
  ☆61Updated 7 months ago
• S3cur3Th1sSh1t / SharpRDP
  Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
  ☆11Updated 4 years ago
• ch4meleon / vba_obfuscator
  VBA Obfuscator which I used for obfuscating vba codes to embed into Microsoft Word document while I'm doing some signature bypass testing…
  ☆32Updated 5 years ago
• mgeeky / VisualBasicObfuscator
  Visual Basic Code universal Obfuscator intended to be used during penetration testing assignments.
  ☆137Updated 3 years ago
• aahmad097 / BadOutlook
  (kinda) Malicious Outlook Reader
  ☆136Updated 4 years ago
• eladshamir / BadWindowsService
  An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities
  ☆61Updated 2 years ago
• jfmaes / DeepSleep
  all credits go to @mgeeky
  ☆64Updated 3 years ago
• moohax / xllpoc
  Code Exec via Excel
  ☆87Updated 7 years ago
• TheWover / donut-demos
  Demos of Donut used in conferences, etc. Mostly for my use, but free for others to use as a reference.
  ☆32Updated 5 years ago