Alternatives and similar repositories for defender-rs

Users that are interested in defender-rs are comparing it to the libraries listed below

• buldansec / EnableEFS

  View on GitHub
  Enable EFS service as low priv user (PE & BOF)
  ☆21Jul 6, 2025Updated 7 months ago
• Cobalt-Strike / udc2-vs

  View on GitHub
  User-Defined C2 BOF Template
  ☆27Nov 24, 2025Updated 2 months ago
• dis0rder0x00 / ParentProcessManipulation-LNK

  View on GitHub
  Using LNK files and user input simulation to start processes under explorer.exe
  ☆33Sep 21, 2024Updated last year
• racoten / CannonLoader

  View on GitHub
  Just a nice little shellcode loader using unconventional methods to avoid using signatured APIs
  ☆23Jul 11, 2025Updated 7 months ago
• Teach2Breach / phantom_persist_rs

  View on GitHub
  Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence
  ☆63Jun 23, 2025Updated 7 months ago
• casp3r0x0 / PolymorphicSignature

  View on GitHub
  A C#-implemented malware that dynamically modifies its own hash upon each execution to evade detection.
  ☆17Feb 3, 2025Updated last year
• TierZeroSecurity / killerPID-BOF

  View on GitHub
  BOF to terminate a process via PID as argument
  ☆28Sep 7, 2025Updated 5 months ago
• voidvxvi / EnableAllTokenPrivs

  View on GitHub
  Enable or Disable TokenPrivilege(s)
  ☆15May 17, 2024Updated last year
• x0reaxeax / Fetch-n-Exec

  View on GitHub
  An x64 binary executing code that's not inside of it.
  ☆17Feb 28, 2023Updated 2 years ago
• 0xG00S3 / Hashbreaker

  View on GitHub
  A modern, web-based GUI for Hashcat that provides an intuitive interface for hash cracking operations, featuring real-time monitoring, pe…
  ☆33Mar 5, 2025Updated 11 months ago
• m7rick / Havoc-DLLHijack

  View on GitHub
  A tool to assist DLL hijacking via the Havoc GUI
  ☆12Jan 9, 2024Updated 2 years ago
• Oliver-1-1 / EtwKeyboardDetection

  View on GitHub
  ☆37Sep 26, 2024Updated last year
• Teach2Breach / early_cascade_inj_rs

  View on GitHub
  early cascade injection PoC based on Outflanks blog post, in rust
  ☆62Nov 8, 2024Updated last year
• elastic / die-rust

  View on GitHub
  Native Rust bindings for @horsicq's Detect-It-Easy
  ☆19Nov 11, 2025Updated 3 months ago
• Azr43lKn1ght / Rust-ProcHollow

  View on GitHub
  Process Hollowing in Rust with Process Executable Relocation Support for both 32 and 64 bit architecture environments.
  ☆22Jan 6, 2025Updated last year
• kleiton0x00 / RtlHijack

  View on GitHub
  Alternative Read and Write primitives using Rtl* functions the unintended way.
  ☆78Aug 25, 2025Updated 5 months ago
• JayGLXR / RustyMirage

  View on GitHub
  A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
  ☆38Mar 6, 2025Updated 11 months ago
• Teach2Breach / dll2shell

  View on GitHub
  converts sRDI compatible dlls to shellcode
  ☆35Jan 20, 2025Updated last year
• joaoviictorti / userdmp

  View on GitHub
  A Rust crate to parse user-mode minidump files generated on Windows
  ☆18Nov 17, 2025Updated 2 months ago
• leftp / SharpPXE

  View on GitHub
  A C# tool for extracting information from SCCM PXE boot media.
  ☆45Jan 14, 2026Updated last month
• b1-team / phantom

  View on GitHub
  A memory-based evasion technique which makes shellcode invisible from process start to end.
  ☆16Aug 14, 2023Updated 2 years ago
• internetangel / ZeroCrumb

  View on GitHub
  Dumping App Bound Protected Credentials & Cookies Without Privileges.
  ☆166May 28, 2025Updated 8 months ago
• mrexodia / zeromcp

  View on GitHub
  Zero-dependency MCP server implementation.
  ☆57Dec 4, 2025Updated 2 months ago
• scriptchildie / gohellsgate

  View on GitHub
  Golang Implementation of Hell's gate
  ☆21May 31, 2023Updated 2 years ago
• N4kedTurtle / SharpTeamsDump

  View on GitHub
  Dump Teams conversations
  ☆19Jun 9, 2021Updated 4 years ago
• atabetnouhaila / API-hashing

  View on GitHub
  ☆18Jan 14, 2026Updated last month
• 0xTriboulet / scepter-rs

  View on GitHub
  A hacky way of getting cross-arch/platform support in Cobalt Strike
  ☆37Aug 31, 2025Updated 5 months ago
• hasherezade / shellc_encoder

  View on GitHub
  Standalone Metasploit-like XOR encoder for shellcode
  ☆50May 12, 2024Updated last year
• MatheuZSecurity / UnhookingLinuxEdr

  View on GitHub
  Attacking the cleanup_module function of a kernel module
  ☆56Jun 30, 2025Updated 7 months ago
• affix / rusty-hollow

  View on GitHub
  Unix Process hollowing in rust
  ☆22Dec 16, 2024Updated last year
• cocomelonc / 2022-04-02-malware-injection-18

  View on GitHub
  Find kernel32 base and API addresses. Simple C++ implementation
  ☆24Apr 7, 2022Updated 3 years ago
• akamai / Mirage

  View on GitHub
  Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
  ☆104Feb 25, 2025Updated 11 months ago
• outflanknl / regcertipy

  View on GitHub
  Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does
  ☆94Jul 3, 2025Updated 7 months ago
• 0xTriboulet / Abomination

  View on GitHub
  A synergized Visual Studio and Rust development environment
  ☆19Jan 25, 2025Updated last year
• WKL-Sec / docker-cobaltstrike

  View on GitHub
  Docker container for running CobaltStrike 4.7 and above
  ☆24Mar 20, 2025Updated 10 months ago
• Maldev-Academy / HookingLsassForCredentials

  View on GitHub
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆54May 12, 2025Updated 9 months ago
• EvilWhales / RProxy-LAB

  View on GitHub
  RProxy LAB is intended solely for educational purposes and authorized security testing with EvilGinx / Modlishka / EvilPuppet e.t.c tools
  ☆48Dec 14, 2025Updated 2 months ago
• joaoviictorti / rustbof

  View on GitHub
  A Rust template for writing Beacon Object Files (BOFs)
  ☆87Updated this week
• Whitecat18 / earlycascade-injection

  View on GitHub
  Early cascade injection PoC based on Outflanks blog post written in Rust
  ☆67Dec 26, 2025Updated last month