hdks-bug/redteam-techniques external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

hdks-bug/redteam-techniques

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/hdks-bug/redteam-techniques)

Close

hdks-bug / redteam-techniquesView on GitHubMore

• External links
• Readme badge

Collection of red team techniques.

☆67Apr 25, 2025Updated 10 months ago

Alternatives and similar repositories for redteam-techniques

Users that are interested in redteam-techniques are comparing it to the libraries listed below

• akamai / Mirage

  View on GitHub
  Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
  ☆104Feb 25, 2025Updated last year
• JayGLXR / RustyMirage

  View on GitHub
  A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
  ☆38Mar 6, 2025Updated 11 months ago
• caueb / ThreadlessStompingKann

  View on GitHub
  Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.
  ☆79Dec 23, 2023Updated 2 years ago
• Teach2Breach / hollow_rs

  View on GitHub
  A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.
  ☆31Feb 7, 2025Updated last year
• ZERODETECTION / Havoc_Demon_API_Hashing

  View on GitHub
  Rehashing APIs to prevent hash based detection
  ☆14Jan 7, 2025Updated last year
• zzhsec / NlsCodeInjectionThroughRegistry

  View on GitHub
  Dll injection through code page id modification in registry. Based on jonas lykk research
  ☆17Jun 18, 2022Updated 3 years ago
• nbaertsch / nimHeapEnc

  View on GitHub
  Heap encryption in Nim
  ☆20Aug 25, 2024Updated last year
• sagiol / Terms-of-What

  View on GitHub
  Terms of Use Conditional Access M365 Evilginx Phishlet
  ☆44Jun 23, 2025Updated 8 months ago
• ameenalkerdy / ETWShellcodeLoader

  View on GitHub
  Shellcode Loader Utilizing ETW Events
  ☆67Feb 26, 2025Updated last year
• JayGLXR / NomadLoader

  View on GitHub
  An advanced utility for converting Windows Portable Executable (PE) files to position-independent code (PIC) shellcode. It enables execut…
  ☆65Mar 1, 2025Updated last year
• itaymigdal / PartyLoader

  View on GitHub
  Threadless shellcode injection tool
  ☆68Aug 5, 2024Updated last year
• hasherezade / waiting_thread_hijacking

  View on GitHub
  Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread
  ☆264Aug 31, 2025Updated 6 months ago
• 0xTriboulet / T-1

  View on GitHub
  T-1 is a shellcode loader that leverages ML techniques to detect VM environments
  ☆34Oct 30, 2024Updated last year
• JayGLXR / Rusty-Stardust

  View on GitHub
  A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…
  ☆59Mar 17, 2025Updated 11 months ago
• racoten / BetterNetLoader

  View on GitHub
  A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints
  ☆121Jul 11, 2025Updated 7 months ago
• dobin / RedEdr

  View on GitHub
  Collect Windows telemetry for Maldev
  ☆460Jan 30, 2026Updated last month
• xRedCodex / BofArsenal

  View on GitHub
  The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23
  ☆23Jun 19, 2025Updated 8 months ago
• seriotonctf / kerberos_aes_key

  View on GitHub
  Generate AES128 and AES256 Kerberos keys from a given username, password, and realm
  ☆18Sep 18, 2024Updated last year
• dis0rder0x00 / ParentProcessManipulation-LNK

  View on GitHub
  Using LNK files and user input simulation to start processes under explorer.exe
  ☆34Sep 21, 2024Updated last year
• Kr0ff / WinMalDev

  View on GitHub
  Various methods of executing shellcode
  ☆74Mar 27, 2023Updated 2 years ago
• susMdT / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆52Dec 4, 2023Updated 2 years ago
• ricardojoserf / SharpNado

  View on GitHub
  Repository to gather the .NET malware I will be developing
  ☆18Mar 23, 2025Updated 11 months ago
• m4ul3r / malware

  View on GitHub
  malware written for educational purposes
  ☆71Dec 31, 2025Updated 2 months ago
• itaymigdal / awesome-injection

  View on GitHub
  Centralized resource for listing and organizing known injection techniques and POCs
  ☆682Feb 1, 2026Updated last month
• BlackSnufkin / NyxInvoke

  View on GitHub
  NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…
  ☆232Feb 12, 2025Updated last year
• Azr43lKn1ght / Rusty-PE-Packer

  View on GitHub
  A robust Windows Process Executable Packer and Launcher implementation written in Rust for Windows x64 systems.
  ☆42Jan 9, 2025Updated last year
• tijme / relocatable

  View on GitHub
  Boilerplate to develop raw and truly Position Independent Code (PIC).
  ☆117Jan 20, 2025Updated last year
• NtDallas / Draugr

  View on GitHub
  BOF with Synthetic Stackframe
  ☆225Oct 30, 2025Updated 4 months ago
• SecTheBit / MalDevelopment

  View on GitHub
  All my POC related to malware development
  ☆15Feb 19, 2026Updated last week
• itaymigdal / Poshito

  View on GitHub
  Poshito is a Windows C2 over Telegram
  ☆21Oct 30, 2024Updated last year
• vxCrypt0r / Voidmaw

  View on GitHub
  A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp…
  ☆340Oct 7, 2024Updated last year
• 0xG00S3 / Hashbreaker

  View on GitHub
  A modern, web-based GUI for Hashcat that provides an intuitive interface for hash cracking operations, featuring real-time monitoring, pe…
  ☆34Mar 5, 2025Updated 11 months ago
• passthehashbrowns / Being-A-Good-CLR-Host

  View on GitHub
  ☆86Jan 21, 2025Updated last year
• fin3ss3g0d / IoDllProxyLoad

  View on GitHub
  DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly
  ☆63Mar 19, 2024Updated last year
• fern89 / C2

  View on GitHub
  A basic C2 framework written in C
  ☆59Jul 7, 2024Updated last year
• NetSPI / BOF-PE

  View on GitHub
  An example reference design for a proposed BOF PE
  ☆200Jan 23, 2026Updated last month
• outflanknl / macho-loader

  View on GitHub
  Position-independent Reflective Loader for macOS
  ☆118Feb 19, 2026Updated last week
• jsecu / ModTask

  View on GitHub
  ☆53Sep 23, 2025Updated 5 months ago
• cainiao1992 / ollvm-mingw

  View on GitHub
  An Obfuscator-LLVM based mingw-w64 toolchain.
  ☆46Dec 9, 2021Updated 4 years ago