Alternatives and similar repositories for chameleon

Users that are interested in chameleon are comparing it to the libraries listed below

• OtterHacker / Hooker
  ☆108Updated last year
• Maldev-Academy / Alphabetfuscation
  Convert your shellcode into an ASCII string
  ☆125Updated 5 months ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆52Updated 4 months ago
• andreisss / Remote-DLL-Injection-with-Timer-based-Shellcode-Execution
  Remote DLL Injection with Timer-based Shellcode Execution
  ☆151Updated 4 months ago
• whokilleddb / ASPxecute
  Execute shellcode via ASPNET compiler
  ☆58Updated 2 months ago
• HullaBrian / COMmander
  .NET tool used to enrich RPC telemetry
  ☆100Updated 5 months ago
• warpnet / COM-Fuzzer
  Gain insights into COM/DCOM implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By…
  ☆149Updated last week
• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆163Updated last year
• 0xsch1zo / NullGate
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆161Updated 4 months ago
• dis0rder0x00 / obex
  Obex – Blocking unwanted DLLs in user mode
  ☆266Updated 2 months ago
• CyberSecurityUP / Offensive-Windows-Drivers-Development
  ☆164Updated 9 months ago
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆54Updated 6 months ago
• EvilWhales / nightshade
  ☆32Updated 5 months ago
• xaitax / NTSleuth
  Comprehensive Windows Syscall Extraction & Analysis Framework
  ☆153Updated 3 months ago
• wetw0rk / wetw0rk.github.io
  ☆20Updated last month
• CICADA8-Research / MyMSIAnalyzer
  Analyse MSI files for vulnerabilities
  ☆138Updated last year
• Maldev-Academy / TrapFlagForSyscalling
  Bypass user-land hooks by syscall tampering via the Trap Flag
  ☆134Updated 3 months ago
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆74Updated 11 months ago
• bohops / COM-to-the-Darkside
  Slides and resources from MCTTP 2025 Talk
  ☆66Updated last month
• MatheuZSecurity / ElfDoor-gcc
  ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.
  ☆132Updated 7 months ago
• dmcxblue / WSL-Payloads
  A small How-To on creating your own weaponized WSL file
  ☆119Updated 4 months ago
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆101Updated 8 months ago
• deepinstinct / ShimMe
  ☆145Updated last year
• rad9800 / FileRenameJunctionsEDRDisable
  ☆159Updated 11 months ago
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆50Updated last year
• rad9800 / talks
  ☆60Updated 7 months ago
• yo-yo-yo-jbo / commandline_spoofing
  Commandline spoofing on Windows
  ☆49Updated last week
• mez-0 / citadel
  A Payload Analysis Framework
  ☆110Updated last month
• CodeXTF2 / CustomC2ChannelTemplate
  template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.
  ☆92Updated last week
• duhirsch / MoveEdr
  Permanently disable EDRs as local admin
  ☆121Updated last month