Automated DLL Hijacking Discovery, Validation, and Confirmation. Turning local misconfigurations into weaponized, confirmed attack paths.
☆231Mar 13, 2026Updated 2 weeks ago
Alternatives and similar repositories for DLLHijackHunter
Users that are interested in DLLHijackHunter are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11☆84Jan 26, 2026Updated 2 months ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆139Apr 6, 2025Updated 11 months ago
- Shellcode and In-PowerShell solution for patching AMSI via Page Guard Exceptions☆64Nov 15, 2025Updated 4 months ago
- Cobalt Strike Aggressor Script for identifying security products on Windows hosts — six enumeration methods rated by noise level, from si…☆42Feb 6, 2026Updated last month
- sideloading PoC using onedrive.exe & version.dll☆93Oct 30, 2025Updated 4 months ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Example payload for CVE-2022-21894☆15Sep 27, 2023Updated 2 years ago
- CVE-2025-59501 POC code☆25Nov 20, 2025Updated 4 months ago
- Dump protected files (SAM,SYSTEM,SECURITY) by parsing the raw NTFS partition☆38Nov 11, 2025Updated 4 months ago
- PowerShell collector for adding SCCM attack paths to BloodHound with OpenGraph☆80Mar 13, 2026Updated last week
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 4 months ago
- Executing Shellcode with ReadDirectoryChanges’s Hidden Callback☆30Oct 13, 2025Updated 5 months ago
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover☆86Oct 20, 2025Updated 5 months ago
- Founding is a generator that will create a loader encrypted or obfuscated with different execution types☆131Aug 23, 2025Updated 7 months ago
- Dump Kerberos tickets☆45Aug 4, 2025Updated 7 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A portable C# utility for enumerating local and remote windows sessions☆57Jan 1, 2026Updated 2 months ago
- Shellcode injection using the Windows Debugging API☆171Jan 4, 2026Updated 2 months ago
- Indirect-Shellcode-Executor expoits the miss-configuration/vulnerability present on the API Windows method ReadProcessMemory discovered b…☆84Nov 15, 2025Updated 4 months ago
- ☆59Dec 10, 2025Updated 3 months ago
- Collection of BOFs created for red team/adversary emulation engagements. Created to be small and interchangeable, for quick recon or even…☆265Mar 11, 2026Updated 2 weeks ago
- Invoke-SPSI - Simple PowerShell Shellcode Injector☆37Oct 9, 2025Updated 5 months ago
- Automated Pass-the-Ticket (PtT) attack. Standalone alternative to Rubeus and Mimikatz for this attack. Implemented in C#, C++, Crystal, P…☆129Feb 17, 2026Updated last month
- a C# implementation for a shellcode loader that capable to bypass Cortex XDR and Sophos EDR.☆93May 24, 2025Updated 10 months ago
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆66Jan 5, 2026Updated 2 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Notion C2 Profile for Mythic☆40Mar 3, 2026Updated 3 weeks ago
- GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal…☆36Nov 24, 2024Updated last year
- BOF to terminate a process via PID as argument☆28Sep 7, 2025Updated 6 months ago
- A Cobalt Strike RL built with Crystal Palace — module overloading, NtContinue entry transfer, call stack spoofing, sleep masking, and sta…☆164Mar 15, 2026Updated last week
- ☆14Jul 26, 2025Updated 8 months ago
- Modified version of PEAS client for offensive operations☆50Nov 1, 2025Updated 4 months ago
- A Dockerized build pipeline for custom Windows x64 shellcode☆54Dec 12, 2025Updated 3 months ago
- CVE-2025-33053 Proof Of Concept (PoC)☆63Jun 17, 2025Updated 9 months ago
- A hoontr must hoont☆106Nov 27, 2025Updated 3 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- ☆137Mar 13, 2026Updated last week
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …☆93Jan 2, 2026Updated 2 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆189Jan 17, 2026Updated 2 months ago
- Impersonate Windows tokens in Nim☆23Aug 4, 2025Updated 7 months ago
- ☆61Oct 24, 2025Updated 5 months ago
- EDR-Redir : a tool used to redirect the EDR's folder to another location.☆230Nov 6, 2025Updated 4 months ago
- ☆55May 31, 2025Updated 9 months ago