Alternatives and similar repositories for Protect_Loader

Users that are interested in Protect_Loader are comparing it to the libraries listed below

• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆54Updated 8 months ago
• EvilBytecode / Ebyte-AMSI-ProxyInjector
  A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…
  ☆61Updated 8 months ago
• Whitecat18 / earlycascade-injection
  Early cascade injection PoC based on Outflanks blog post written in Rust
  ☆68Updated 3 weeks ago
• NUL0x4C / HookingLsassForCredentials
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆61Updated 8 months ago
• NtDallas / Ulfberht
  Shellcode loader
  ☆98Updated last year
• itaymigdal / PartyLoader
  Threadless shellcode injection tool
  ☆67Updated last year
• asaurusrex / Silent_Chrome
  This code silently installs Chrome extensions on Mac, Windows, and Linux
  ☆117Updated 5 months ago
• alex3O / BYOVD-DriverKiller
  Driver Reverse & Exploitation
  ☆82Updated 4 months ago
• zarkones / BloodfangC2
  Modern PIC implant for Windows (64 & 32 bit)
  ☆105Updated 5 months ago
• maliciousgroup / RDI-SRDI
  This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".
  ☆85Updated 2 years ago
• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆75Updated last year
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆83Updated last year
• fin3ss3g0d / NativeThreadpool
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆88Updated last year
• Teach2Breach / pool_party_rs
  remote process injections using pool party techniques
  ☆69Updated 6 months ago
• internetangel / ZeroCrumb
  Dumping App Bound Protected Credentials & Cookies Without Privileges.
  ☆165Updated 7 months ago
• wolfcod / lsassdump
  lsassdump via RtlCreateProcessReflection and NanoDump
  ☆84Updated last year
• patrickt2017 / VEHNetLoader
  Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies
  ☆49Updated 6 months ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆101Updated last year
• hwbp / LazyHook
  Evade behavioral analysis by executing malicious code within trusted Microsoft call stacks, patchless hooking library IAT/EAT.
  ☆126Updated last month
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆64Updated last year
• mhaskar / FsquirtCPLPoC
  PoC for generating bthprops.cpl module designed to be loaded by Fsquirt.exe LOLBin
  ☆102Updated last week
• rasta-mouse / Crystal-Loaders
  A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike
  ☆180Updated 2 months ago
• S12cybersecurity / NinjaInjector
  Classic Process Injection with Memory Evasion Techniques implemantation
  ☆72Updated 2 years ago
• 0xf00sec / Aether
  Self-mutating macOS implant
  ☆105Updated 3 weeks ago
• almounah / superdeye
  Indirect Syscall with TartarusGate Approach in Go
  ☆133Updated 6 months ago
• M1ndo / WerDump
  A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass
  ☆164Updated 3 months ago
• cybersectroll / TrollDump
  ☆83Updated last year
• 0xRedpoll / WhatsAppKeyBOF
  A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.
  ☆89Updated 10 months ago
• SecTheBit / ZoomBotC2
  ☆57Updated 6 months ago
• entropy-z / Kharon
  Agent for AdaptixC2 with focus in evasion, capability and malleable.
  ☆127Updated 3 weeks ago