Alternatives and similar repositories for HelloWorldXll

Users that are interested in HelloWorldXll are comparing it to the libraries listed below

• Cobalt-Strike / ProxyDLLExample
  code for the Proxy DLL example blog post
  ☆61Updated 3 years ago
• med0x2e / vba2clr
  Running .NET from VBA
  ☆145Updated 2 years ago
• p3nt4 / RunDLL.Net
  Execute .Net assemblies using Rundll32.exe
  ☆111Updated 4 years ago
• FuzzySecurity / Dendrobate
  Managed code hooking template.
  ☆131Updated 3 years ago
• Adepts-Of-0xCC / VBA-macro-experiments
  Collection of VBA macro published in our twitter / blog
  ☆157Updated 2 years ago
• moohax / xllpoc
  Code Exec via Excel
  ☆87Updated 7 years ago
• TheWover / Manager
  Library of tools and examples for loading/bootstrapping managed code from unmanaged code in .NET
  ☆63Updated 5 years ago
• TheWover / donut-demos
  Demos of Donut used in conferences, etc. Mostly for my use, but free for others to use as a reference.
  ☆32Updated 5 years ago
• Maff1t / WindowsPermsPoC
  A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows
  ☆52Updated 3 years ago
• TheWover / ModuleMonitor
  Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…
  ☆41Updated 6 years ago
• CCob / ProvisionAppx
  ☆39Updated 2 years ago
• jfmaes / DeepSleep
  all credits go to @mgeeky
  ☆64Updated 3 years ago
• RedLectroid / APIunhooker
  C++ function that will automagically unhook a specified Windows API
  ☆62Updated 4 years ago
• rvrsh3ll / MSBuildAPICaller
  MSBuild Without MSBuild.exe
  ☆157Updated 4 years ago
• cobbr / C2Bridge
  C2Bridges allow developers to create new custom communication protocols and quickly utilize them within Covenant.
  ☆69Updated 4 years ago
• tothi / stager_libpeconv
  A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading
  ☆84Updated 2 years ago
• TheWover / EasyNet
  Simple packer for arbitrary data using only .NET API calls. Produces a unique signature with every usage. Standalone program and library.…
  ☆92Updated 6 years ago
• rasta-mouse / RuralBishop
  D/Invoke port of UrbanBishop
  ☆107Updated 4 years ago
• SolomonSklash / SeasideBishop
  A C port of b33f's UrbanBishop
  ☆38Updated 4 years ago
• rmdavy / VBAFunctionPointers
  ☆19Updated 4 years ago
• perturbed-platypus / UEFIWriteCSharp
  ☆41Updated 5 years ago
• mobdk / Upsilon
  Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used
  ☆93Updated 3 years ago
• JohnWoodman / VBA-Macro-Projects
  This repository is a collection of my malicious VBA projects.
  ☆115Updated 4 years ago
• ambray / ProcessHollowing
  Simple Process Hollowing in C#
  ☆69Updated 7 years ago
• S3cur3Th1sSh1t / SharpByeBear
  AppXSVC Service race condition - privilege escalation
  ☆28Updated 5 years ago
• S3cur3Th1sSh1t / SharpRDP
  Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
  ☆11Updated 4 years ago
• glinares / VBA-Stendhal
  Inject Encrypted Commands Into EMF Shapes for C2 In VBA / Office Malware
  ☆38Updated 4 years ago
• NVISOsecurity / DInvisibleRegistry
  DInvisibleRegistry
  ☆82Updated 4 years ago
• BaptisteVeyssiere / vba-macro-obfuscator
  Python script to obfuscate VBA (Virtual Basic for Applications) macros
  ☆56Updated 5 years ago
• med0x2e / NoAmci
  Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().
  ☆217Updated 5 years ago