Alternatives and similar repositories for OffensiveLua

Users that are interested in OffensiveLua are comparing it to the libraries listed below

• hackerhouse-opensource / Artillery
  CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…
  ☆173Updated last year
• 0xsp-SRD / MDE_Enum
  comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
  ☆200Updated 11 months ago
• floesen / EventLogCrasher
  ☆187Updated last year
• itaymigdal / LOLSpoof
  An interactive shell to spoof some LOLBins command line
  ☆184Updated last year
• RePRGM / Nimperiments
  Various one-off pentesting projects written in Nim. Updates happen on a whim.
  ☆152Updated 4 months ago
• DarkSpaceSecurity / RunAs-Stealer
  RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging
  ☆187Updated 2 months ago
• mandiant / msi-search
  ☆277Updated last year
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆110Updated last year
• MzHmO / NtlmThief
  Extracting NetNTLM without touching lsass.exe
  ☆235Updated last year
• rtecCyberSec / Packer_Development
  Slides & Code snippets for a workshop held @ x33fcon 2024
  ☆258Updated 11 months ago
• icyguider / LatLoader
  PoC module to demonstrate automated lateral movement with the Havoc C2 framework.
  ☆302Updated last year
• kleiton0x00 / Proxy-DLL-Loads
  A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
  ☆339Updated 3 months ago
• Diverto / IPPrintC2
  PoC for using MS Windows printers for persistence / command and control via Internet Printing
  ☆147Updated last year
• cybersectroll / TrollAMSI
  ☆174Updated 6 months ago
• V-i-x-x / AMSI-BYPASS
  "AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
  ☆274Updated last month
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆187Updated last year
• 0xthirteen / Carseat
  Python implementation of GhostPack's Seatbelt situational awareness tool
  ☆257Updated 6 months ago
• ZERODETECTION / MSC_Dropper
  ☆155Updated 9 months ago
• lsecqt / ThreadlessInject-C-Implementation
  This repository implements Threadless Injection in C
  ☆167Updated last year
• 0xNinjaCyclone / EarlyCascade
  A PoC for Early Cascade process injection technique.
  ☆178Updated 3 months ago
• oh-az / NoArgs
  NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…
  ☆151Updated last year
• florylsk / RecycledInjector
  Native Syscalls Shellcode Injector
  ☆266Updated last year
• ph4nt0mbyt3 / Darkside
  C# AV/EDR Killer using less-known driver (BYOVD)
  ☆175Updated last year
• JanielDary / ImmoralFiber
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆261Updated 7 months ago
• Maldev-Academy / Christmas
  ☆256Updated last year
• Leo4j / Invoke-SMBRemoting
  Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement
  ☆164Updated 5 months ago
• trickster0 / NamelessC2
  Nameless C2 - A C2 with all its components written in Rust
  ☆266Updated 7 months ago
• som3canadian / Cloudflare-Redirector
  Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.
  ☆161Updated 2 months ago
• hackerhouse-opensource / WMIProcessWatcher
  A CIA tradecraft technique to asynchronously detect when a process is created using WMI.
  ☆134Updated last year
• WKL-Sec / GregsBestFriend
  GregsBestFriend process injection code created from the White Knight Labs Offensive Development course
  ☆189Updated last year