Alternatives and similar repositories for PSXecute:

Users that are interested in PSXecute are comparing it to the libraries listed below

• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆147Updated last month
• MythicAgents / Hannibal
  A Mythic Agent written in PIC C.
  ☆167Updated last week
• realoriginal / grimreaper
  A improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Calls
  ☆105Updated 4 months ago
• silentwarble / PIC-Library
  A collection of position independent coding resources
  ☆64Updated last week
• rad9800 / FileRenameJunctionsEDRDisable
  ☆136Updated last month
• xrombar / flower
  a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor
  ☆96Updated 9 months ago
• mansk1es / GhostFart
  ☆134Updated last year
• realoriginal / shellcode-template
  A cmkr based win32 shellcode template for a unified build platform and more production friendly structure/testing.
  ☆65Updated last month
• 0prrr / Malwear-Sweet
  Malware?
  ☆69Updated 3 months ago
• JanielDary / ImmoralFiber
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆215Updated 4 months ago
• kozmer / aad-bofs
  AzureAD beacon object files
  ☆105Updated last month
• Octoberfest7 / Secure_Stager
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆157Updated last month
• ZERODETECTION / MSC_Dropper
  ☆136Updated 5 months ago
• safedv / Rustic64
  64-bit, position-independent implant template for Windows in Rust.
  ☆103Updated 3 months ago
• realoriginal / titanldr-ng
  A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge …
  ☆172Updated last year
• decoder-it / RelabelAbuse
  ☆60Updated 7 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆73Updated 5 months ago
• mannyfred / SentinelBruh
  Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution
  ☆40Updated 6 months ago
• naksyn / Embedder
  Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies
  ☆115Updated 7 months ago
• Z4kSec / IoctlHunter
  IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.
  ☆96Updated last year
• rasta-mouse / PPEnum
  Simple BOF to read the protection level of a process
  ☆114Updated last year
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆66Updated 2 weeks ago
• NtDallas / Draugr
  BOF with Synthetic Stackframe
  ☆58Updated this week
• Octoberfest7 / enumhandles_BOF
  ☆121Updated 4 months ago
• oldkingcone / BYOSI
  Evade EDR's the simple way, by not touching any of the API's they hook.
  ☆68Updated 5 months ago
• Macmod / ldapx
  Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.
  ☆101Updated 3 weeks ago
• 0xNinjaCyclone / EarlyCascade
  A PoC for Early Cascade process injection technique.
  ☆90Updated last week
• passthehashbrowns / BOFMask
  ☆111Updated last year
• fin3ss3g0d / StoneKeeper
  StoneKeeper C2, an experimental EDR evasion framework for research purposes
  ☆151Updated 3 weeks ago
• Kudaes / Eclipse
  Activation Context Hijack
  ☆140Updated last month