Alternatives and similar repositories for BPFDoor:

Users that are interested in BPFDoor are comparing it to the libraries listed below

• Allevon412 / PPL_Sandboxer
  ☆82Updated 3 years ago
• jbaines-r7 / dellicious
  Enabled / Disable LSA Protection via BYOVD
  ☆66Updated 3 years ago
• jfmaes / DeepSleep
  all credits go to @mgeeky
  ☆64Updated 3 years ago
• RixedLabs / IDLE-Abuse
  A method to execute shellcode using RegisterWaitForInputIdle API.
  ☆52Updated last year
• gavz / s4killer
  ☆16Updated last year
• susMdT / effective-waffle
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆70Updated last year
• yamakadi / ldr
  A work in progress BOF/COFF loader in Rust
  ☆47Updated 2 years ago
• benheise / TitanLdr
  Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH
  ☆46Updated 3 years ago
• MMitsuha / Tajimari
  the Open Source and Pure C++ Packer for eXecutables
  ☆18Updated 2 years ago
• aaaddress1 / xlsKami
  Out-of-the-Box Tool to Obfuscate Excel XLS. Include Obfuscation & Hide for Cell Labels & BoundSheets
  ☆48Updated 3 years ago
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆42Updated last year
• hackerhouse-opensource / envschtasksuacbypass
  Bypass UAC elevation on Windows 8 (build 9600) & above.
  ☆54Updated 2 years ago
• Wh04m1001 / RazerEoP
  ☆26Updated 2 years ago
• LethalSnake1337 / PE-Loader-exercise
  A simple PE loader.
  ☆25Updated 2 years ago
• farinap5 / bitmap4shell
  A (quite) simple steganography algorithm to hide shellcodes within bitmap image.
  ☆21Updated 10 months ago
• Hagrid29 / herpaderply_hollowing
  Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping
  ☆53Updated 2 years ago
• listinvest / undonut
  Unpacker for donut shellcode
  ☆17Updated 4 years ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆45Updated 2 years ago
• zimawhit3 / DynimicGhostWriting
  Windows x64 Process Injection via Ghostwriting with Dynamic Configuration
  ☆29Updated 3 years ago
• OtterHacker / CoffLoader
  ☆52Updated 2 years ago
• boku7 / x64win-DynamicNoNull-WinExec-PopCalc-Shellcode
  64bit WIndows 10 shellcode dat pops dat calc - Dynamic & Null Free
  ☆61Updated 2 years ago
• deepinstinct / VSTO-POC
  A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously
  ☆31Updated 2 years ago
• Cobalt-Strike / obfuscator-llvm
  ☆47Updated last year
• EgeBalci / syscall_api
  ☆37Updated last year
• Ap3x / COFF-Loader
  A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader
  ☆44Updated last year
• AzAgarampur / byeintegrity9-uac
  ☆36Updated 2 years ago
• xforcered / xPipe
  Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions
  ☆54Updated 3 years ago
• EvanMcBroom / fuse-loader
  Load a dynamic library from memory using a fuse mount
  ☆30Updated last year
• reveng007 / AMSI-patches-learned-till-now
  I have documented all of the AMSI patches that I learned till now
  ☆71Updated last year
• whokilleddb / A-Study-in-Obfuscation
  A Study in Obfuscation: Analyzing the effect of various techniques to bypass AV engines
  ☆41Updated 2 years ago