Alternatives and similar repositories for wanderer

Users that are interested in wanderer are comparing it to the libraries listed below

• REDMED-X / InjectKit

  View on GitHub
  Modified versions of the Cobalt Strike Process Injection Kit
  ☆105Jan 24, 2024Updated 2 years ago
• naksyn / Pyramid

  View on GitHub
  a tool to help operate in EDRs' blind spots
  ☆769Dec 2, 2024Updated last year
• BlackSnufkin / NovaLdr

  View on GitHub
  Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
  ☆259Jun 29, 2024Updated last year
• EspressoCake / Defender-Exclusions-Creator-BOF

  View on GitHub
  ☆84Nov 1, 2023Updated 2 years ago
• rkbennett / pybof

  View on GitHub
  Python module for running BOFs
  ☆79Nov 28, 2025Updated 2 months ago
• rasta-mouse / MinHook.NET

  View on GitHub
  A C# port of the MinHook API hooking library
  ☆56Oct 5, 2022Updated 3 years ago
• Pascal-0x90 / sideloadr

  View on GitHub
  Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).
  ☆58Oct 10, 2022Updated 3 years ago
• bohops / DynamicDotNet

  View on GitHub
  A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
  ☆146May 18, 2024Updated last year
• naksyn / ProcessStomping

  View on GitHub
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆148Dec 16, 2023Updated 2 years ago
• binderlabs / DirCreate2System

  View on GitHub
  Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting
  ☆363Dec 19, 2022Updated 3 years ago
• xforcered / InvisibilityCloak

  View on GitHub
  Proof-of-concept obfuscation toolkit for C# post-exploitation tools
  ☆430Jul 22, 2022Updated 3 years ago
• layer8secure / SilentHound

  View on GitHub
  Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.
  ☆501Jan 23, 2023Updated 3 years ago
• RedSiege / What-The-F

  View on GitHub
  This repo hosts a poc of how to execute F# code within an unmanaged process
  ☆70Jun 25, 2024Updated last year
• capt-meelo / laZzzy

  View on GitHub
  laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.
  ☆501Jan 10, 2023Updated 3 years ago
• CCob / ThreadlessInject

  View on GitHub
  Threadless Process Injection using remote function hooking.
  ☆808Sep 4, 2024Updated last year
• deepinstinct / Dirty-Vanity

  View on GitHub
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆675Dec 23, 2022Updated 3 years ago
• kleiton0x00 / Proxy-DLL-Loads

  View on GitHub
  A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
  ☆408Jan 11, 2026Updated last month
• dr4k0nia / MurkyStrings

  View on GitHub
  A string obfuscator for .NET apps, built to evade static string analysis.
  ☆111Jan 3, 2023Updated 3 years ago
• RedSiege / PersistAssist

  View on GitHub
  Fully modular persistence framework
  ☆259Apr 10, 2023Updated 2 years ago
• redteamsocietegenerale / DLLirant

  View on GitHub
  DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.
  ☆497Nov 29, 2022Updated 3 years ago
• KINGSABRI / ServerlessRedirector

  View on GitHub
  Serverless Redirector in various cloud vendor for red team
  ☆73Dec 8, 2022Updated 3 years ago
• OtterHacker / CoffLoader

  View on GitHub
  ☆60Jan 9, 2023Updated 3 years ago
• S4ntiagoP / freeBokuLoader

  View on GitHub
  A simple BOF that frees UDRLs
  ☆122May 29, 2022Updated 3 years ago
• Octoberfest7 / Cohab_Processes

  View on GitHub
  A small Aggressor script to help Red Teams identify foreign processes on a host machine
  ☆84Jan 6, 2023Updated 3 years ago
• tothi / stager_libpeconv

  View on GitHub
  A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading
  ☆84Nov 21, 2022Updated 3 years ago
• ustayready / wnfexec

  View on GitHub
  WNF Code Execution Library Using C#
  ☆112May 18, 2020Updated 5 years ago
• rasta-mouse / PPEnum

  View on GitHub
  Simple BOF to read the protection level of a process
  ☆118May 10, 2023Updated 2 years ago
• florylsk / RecycledInjector

  View on GitHub
  Native Syscalls Shellcode Injector
  ☆267Jul 2, 2023Updated 2 years ago
• wsummerhill / IPv4Fuscation-Encrypted

  View on GitHub
  ☆20Mar 21, 2024Updated last year
• jackmichalak / phishim

  View on GitHub
  Easy red team phishing with Puppeteer
  ☆133Feb 6, 2023Updated 3 years ago
• ChoiSG / OneDriveUpdaterSideloading

  View on GitHub
  Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post
  ☆100Oct 13, 2022Updated 3 years ago
• boku7 / xPipe

  View on GitHub
  Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions
  ☆93Mar 8, 2023Updated 2 years ago
• Accenture / Codecepticon

  View on GitHub
  .NET/PowerShell/VBA Offensive Security Obfuscator
  ☆514Feb 1, 2024Updated 2 years ago
• byt3bl33d3r / NimDllSideload

  View on GitHub
  DLL sideloading/proxying with Nim!
  ☆175Dec 4, 2022Updated 3 years ago
• ChoiSG / GwisinMsi

  View on GitHub
  PoC MSI payload based on ASEC/AhnLab's blog post
  ☆25Sep 19, 2022Updated 3 years ago
• outflanknl / unmanaged-dotnet-patch

  View on GitHub
  Modify managed functions from unmanaged code
  ☆53Feb 1, 2024Updated 2 years ago
• OtterHacker / Cerbere

  View on GitHub
  ☆49Feb 11, 2023Updated 3 years ago
• VirtualAlllocEx / Payload-Download-Cradles

  View on GitHub
  This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …
  ☆256Jul 7, 2022Updated 3 years ago
• naksyn / PythonMemoryModule

  View on GitHub
  pure-python implementation of MemoryModule technique to load dll and unmanaged exe entirely from memory
  ☆332Jun 22, 2024Updated last year