florylsk/ExecIT

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/florylsk/ExecIT)

florylsk / ExecIT

Execute shellcode files with rundll32

☆216

Alternatives and similar repositories for ExecIT

Users that are interested in ExecIT are comparing it to the libraries listed below

Sorting:

rasta-mouse / CsWhispers
View on GitHub
Source generator to add D/Invoke and indirect syscall methods to a C# project.
☆190Mar 4, 2024Updated last year
oldboy21 / SyscallMeMaybe
View on GitHub
Implementation of Indirect Syscall technique to pop a calc.exe
☆113Jan 25, 2024Updated 2 years ago
outflanknl / unmanaged-dotnet-patch
View on GitHub
Modify managed functions from unmanaged code
☆53Feb 1, 2024Updated 2 years ago
Cipher7 / ChaiLdr
View on GitHub
AV bypass while you sip your Chai!
☆224May 17, 2024Updated last year
reveng007 / DarkWidow
View on GitHub
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
☆776Jan 26, 2026Updated last month
icyguider / UAC-BOF-Bonanza
View on GitHub
Collection of UAC Bypass Techniques Weaponized as BOFs
☆607Feb 21, 2024Updated 2 years ago
senzee1984 / InflativeLoading
View on GitHub
Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.
☆325Apr 12, 2024Updated last year
d419h / IconJector
View on GitHub
Inject DLLs into the explorer process using icons
☆408May 18, 2025Updated 9 months ago
pard0p / CallstackSpoofingPOC
View on GitHub
C++ self-Injecting dropper based on various EDR evasion techniques.
☆427Feb 11, 2024Updated 2 years ago
dmcxblue / SharpGhostTask
View on GitHub
A C# port from Invoke-GhostTask
☆120Jan 5, 2024Updated 2 years ago
Maldev-Academy / RemoteTLSCallbackInjection
View on GitHub
Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process
☆287Jan 21, 2024Updated 2 years ago
florylsk / RecycledInjector
View on GitHub
Native Syscalls Shellcode Injector
☆266Jul 2, 2023Updated 2 years ago
0xEr3bus / PoolPartyBof
View on GitHub
A beacon object file implementation of PoolParty Process Injection Technique.
☆434Dec 21, 2023Updated 2 years ago
naksyn / ProcessStomping
View on GitHub
A variation of ProcessOverwriting to execute shellcode on an executable's section
☆148Dec 16, 2023Updated 2 years ago
Bl4ckM1rror / PEAs
View on GitHub
☆60Dec 15, 2023Updated 2 years ago
georgesotiriadis / Chimera
View on GitHub
Automated DLL Sideloading Tool With EDR Evasion Capabilities
☆503Dec 19, 2023Updated 2 years ago
sokaRepo / CoercedPotatoRDLL
View on GitHub
Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege
☆225Nov 23, 2023Updated 2 years ago
CognisysGroup / HadesLdr
View on GitHub
Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2
☆293Jul 15, 2023Updated 2 years ago
CaptainNox / Hypnos
View on GitHub
A more reliable way of resolving syscall numbers in Windows
☆55Feb 12, 2024Updated 2 years ago
frkngksl / UnlinkDLL
View on GitHub
DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
☆59Dec 15, 2023Updated 2 years ago
MalwareTech / EDR-Preloader
View on GitHub
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
☆539Feb 13, 2024Updated 2 years ago
oldboy21 / RflDllOb
View on GitHub
Reflective DLL Injection Made Bella
☆249Jan 6, 2025Updated last year
Maldev-Academy / MaldevAcademyLdr.1
View on GitHub
RunPE implementation with multiple evasive techniques (1)
☆380Sep 22, 2023Updated 2 years ago
itaymigdal / LOLSpoof
View on GitHub
An interactive shell to spoof some LOLBins command line
☆188Jan 27, 2024Updated 2 years ago
cpu0x00 / SharpReflectivePEInjection
View on GitHub
reflectively load and execute PEs locally and remotely bypassing EDR hooks
☆164Jan 4, 2024Updated 2 years ago
MzHmO / Parasite-Invoke
View on GitHub
Hide your P/Invoke signatures through other people's signed assemblies
☆211Mar 10, 2024Updated last year
mlcsec / FormThief
View on GitHub
Spoofing desktop login applications with WinForms and WPF
☆177Feb 19, 2024Updated 2 years ago
ricardojoserf / TrickDump
View on GitHub
Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
☆537May 9, 2025Updated 9 months ago
kyleavery / pendulum
View on GitHub
Linux Sleep Obfuscation
☆112Jan 7, 2024Updated 2 years ago
lsecqt / ThreadlessInject-C-Implementation
View on GitHub
This repository implements Threadless Injection in C
☆172Dec 23, 2023Updated 2 years ago
fortra / No-Consolation
View on GitHub
A BOF that runs unmanaged PEs inline
☆680Oct 23, 2024Updated last year
VoldeSec / PatchlessInlineExecute-Assembly
View on GitHub
Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
☆275Apr 17, 2023Updated 2 years ago
fin3ss3g0d / NativeThreadpool
View on GitHub
Work, timer, and wait callback example using solely Native Windows APIs.
☆88Feb 11, 2024Updated 2 years ago
senzee1984 / MutationGate
View on GitHub
Use hardware breakpoint to dynamically change SSN in run-time
☆279Apr 10, 2024Updated last year
Cracked5pider / LdrLibraryEx
View on GitHub
A small x64 library to load dll's into memory.
☆457Nov 6, 2023Updated 2 years ago
Cipher7 / ApexLdr
View on GitHub
ApexLdr is a DLL Payload Loader written in C
☆117Jul 17, 2024Updated last year
florylsk / NtRemoteLoad
View on GitHub
Remote Shellcode Injector
☆220Aug 27, 2023Updated 2 years ago
Karkas66 / CelestialSpark
View on GitHub
Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
☆103Mar 27, 2025Updated 11 months ago
YOLOP0wn / POSTDump
View on GitHub
☆341Nov 10, 2025Updated 3 months ago