Alternatives and similar repositories for better-sliver

Users that are interested in better-sliver are comparing it to the libraries listed below

• sagiol / Terms-of-What

  View on GitHub
  Terms of Use Conditional Access M365 Evilginx Phishlet
  ☆44Jun 23, 2025Updated 7 months ago
• fin3ss3g0d / StoneKeeper

  View on GitHub
  StoneKeeper C2, an experimental EDR evasion framework for research purposes
  ☆208Dec 25, 2024Updated last year
• tijme / nimplant-beacon-position-independent-c-code

  View on GitHub
  A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.
  ☆66Feb 11, 2025Updated last year
• jsecu / ModTask

  View on GitHub
  ☆53Sep 23, 2025Updated 4 months ago
• som3canadian / Cloudflare-Redirector

  View on GitHub
  Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.
  ☆184Mar 14, 2025Updated 11 months ago
• NtDallas / OdinLdr

  View on GitHub
  Cobaltstrike Reflective Loader with Synthetic Stackframe
  ☆183Jan 17, 2026Updated last month
• Teach2Breach / pool_party_rs

  View on GitHub
  remote process injections using pool party techniques
  ☆70Jun 29, 2025Updated 7 months ago
• ZERODETECTION / Havoc_Demon_API_Hashing

  View on GitHub
  Rehashing APIs to prevent hash based detection
  ☆14Jan 7, 2025Updated last year
• Teach2Breach / hollow_rs

  View on GitHub
  A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.
  ☆31Feb 7, 2025Updated last year
• boku7 / StringReaper

  View on GitHub
  Reaping treasures from strings in remote processes memory
  ☆285Feb 8, 2025Updated last year
• mubix / redteam-collab

  View on GitHub
  Red Team Collaboration Infrastructure
  ☆98Apr 24, 2025Updated 9 months ago
• 0xRedpoll / SignalKeyBOF

  View on GitHub
  BOF to decrypt Signal Desktop chat logs
  ☆71Feb 20, 2025Updated 11 months ago
• NtDallas / Draugr

  View on GitHub
  BOF with Synthetic Stackframe
  ☆220Oct 30, 2025Updated 3 months ago
• rasta-mouse / process-inject-kit

  View on GitHub
  Port of Cobalt Strike's Process Inject Kit
  ☆190Dec 1, 2024Updated last year
• tijme / kong-loader

  View on GitHub
  Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…
  ☆63Apr 2, 2025Updated 10 months ago
• ewby / Mockingjay_BOF

  View on GitHub
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆158Nov 7, 2023Updated 2 years ago
• Octoberfest7 / Secure_Stager

  View on GitHub
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆194Nov 27, 2024Updated last year
• HulkOperator / CallStackSpoofer

  View on GitHub
  ☆61Dec 19, 2024Updated last year
• KickedDroid / bof_oxide

  View on GitHub
  A POC for developing BOFs for Sliver, Havoc, Cobalt Strike or most COFFLoaders in Rust.
  ☆74Aug 24, 2025Updated 5 months ago
• BlackSnufkin / NyxInvoke

  View on GitHub
  NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…
  ☆231Feb 12, 2025Updated last year
• praetorian-inc / goffloader

  View on GitHub
  A Go implementation of Cobalt Strike style BOF/COFF loaders.
  ☆265Feb 22, 2025Updated 11 months ago
• dobin / SuperMega

  View on GitHub
  Stealthily inject shellcode into an executable
  ☆445Oct 19, 2025Updated 3 months ago
• ColeHouston / theHandler-BOF

  View on GitHub
  Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.
  ☆38Aug 5, 2025Updated 6 months ago
• NtDallas / Svartalfheim

  View on GitHub
  Stage 0
  ☆169Dec 18, 2024Updated last year
• iilegacyyii / DataInject-BOF

  View on GitHub
  Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll
  ☆135Apr 18, 2025Updated 10 months ago
• JanielDary / ImmoralFiber

  View on GitHub
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆280Sep 18, 2024Updated last year
• hakaioffsec / coffee

  View on GitHub
  A COFF loader made in Rust
  ☆327Aug 20, 2025Updated 5 months ago
• 0xNinjaCyclone / EarlyCascade

  View on GitHub
  A PoC for Early Cascade process injection technique.
  ☆208Jan 30, 2025Updated last year
• scrt / PowerChell

  View on GitHub
  A PowerShell console in C/C++ with all the security features disabled
  ☆342Oct 14, 2025Updated 4 months ago
• voidvxvi / HellBunny

  View on GitHub
  Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
  ☆136Dec 22, 2024Updated last year
• ameenalkerdy / ETWShellcodeLoader

  View on GitHub
  Shellcode Loader Utilizing ETW Events
  ☆67Feb 26, 2025Updated 11 months ago
• VoldeSec / PatchlessInlineExecute-Assembly

  View on GitHub
  Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
  ☆273Apr 17, 2023Updated 2 years ago
• rbmm / SC_DEMO

  View on GitHub
  ☆125Dec 12, 2025Updated 2 months ago
• zh54321 / PoCEntraDeviceComplianceBypass

  View on GitHub
  Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy
  ☆167Nov 17, 2025Updated 3 months ago
• NtDallas / BOF_RunPe

  View on GitHub
  BOF to run PE in Cobalt Strike Beacon without console creation
  ☆186Nov 23, 2025Updated 2 months ago
• Cracked5pider / earlycascade-injection

  View on GitHub
  early cascade injection PoC based on Outflanks blog post
  ☆236Nov 7, 2024Updated last year
• susMdT / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆52Dec 4, 2023Updated 2 years ago
• Mayyhem / Maestro

  View on GitHub
  Abusing Azure services over C2
  ☆368Jan 20, 2026Updated 3 weeks ago
• ioncodes / SilentLoad

  View on GitHub
  "Service-less" driver loading
  ☆184Nov 28, 2024Updated last year