Alternatives and similar repositories for Ender-Rat

Users that are interested in Ender-Rat are comparing it to the libraries listed below

• melardev / XeytanWin32-RAT
  WORK IN PROGRESS. RAT written in C++ using Win32 API
  ☆19Updated 5 years ago
• SLAUC91 / DLLFinder
  Enumerate the DLLs/Modules using NtQueryVirtualMemory
  ☆32Updated 10 years ago
• rtcrowley / Offensive-Netsh-Helper
  Maintain Windows Persistence with an evil Netshell Helper DLL
  ☆12Updated 6 years ago
• avarenina / Windows-PE-Injection
  PE Injection with ring3 hook bypass
  ☆10Updated 4 years ago
• smb01 / zxshell
  a open source rat from china
  ☆26Updated 8 years ago
• MalwareMechanic / RISCYpacker
  Process Hollowing Packer
  ☆26Updated 7 years ago
• w1u0u1 / Dll2Shellcode
  Convert native dll to shellcode, and support exported function
  ☆22Updated 4 years ago
• iammaguire / Salient-Rootkit
  A kernel mode Windows rootkit in development.
  ☆49Updated 3 years ago
• Souhardya / Slavyana
  Windows Sandbox Framework
  ☆38Updated 3 years ago
• Narumiii / phantommap
  Phantom DLL Hollowing method implemented in modmap
  ☆17Updated 4 years ago
• elddy / Windows-NTAPI-Injector
  Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses
  ☆41Updated 4 years ago
• AzAgarampur / PsForge
  Process Hollowing demonstration & explanation
  ☆35Updated 4 years ago
• HFaeiro / Remote-Admin-Tool
  Simple remote administration tool. Written in c++ and MASM.
  ☆18Updated 7 years ago
• whobornin1980 / AsyncRAT
  TCP Asynchronous Socket - Remote Administration Tool
  ☆10Updated 6 years ago
• AzAgarampur / byeintegrity4-uac
  Bypass UAC by abusing the Windows Defender Firewall Control Panel, environment variables, and shell protocol handlers
  ☆18Updated 3 years ago
• laomms / EXE2DLL_CLR
  Add export function and convert exe to dll
  ☆25Updated 4 years ago
• SaltedFishBayonet / Kill-3X0_kill360
  Only for research and learning, not for commercial and illegal use
  ☆11Updated 5 years ago
• huykingsofm / Packed-Infected-PE
  A tool is used to infected a shellcode to PE file, the shellcode is packed at compile time and unpacked at runtime
  ☆13Updated 4 years ago
• whokilleddb / A-Study-in-Obfuscation
  A Study in Obfuscation: Analyzing the effect of various techniques to bypass AV engines
  ☆42Updated 2 years ago
• Q4n / SuperPriv
  从admin冲到TrustedInstaller
  ☆17Updated 2 years ago
• HFaeiro / Lialis
  Rebuild of the original Remote Admin Tool
  ☆9Updated 5 years ago
• HadesW / HttpRAT
  HTTPS GET RAT and Memory Loader
  ☆25Updated last week
• zhuhuibeishadiao / exploit-RemoteDesktopServerDriver
  exploit termdd.sys(support kb4499175)
  ☆59Updated 5 years ago
• oXis / DoublePulsarPayload
  C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.
  ☆30Updated 3 years ago
• ewilded / PPID_spoof
  An example of how to spawn a process with a spoofed parent PID (Visual C++)
  ☆27Updated 6 years ago
• AlexRuzin / Helios
  A Proof-of-Concept win32 DLL that makes use of netbios session token replay to propagate through a Windows Domain
  ☆25Updated 7 years ago
• 0xhido / BlueLight
  Open-source EDR kernel-component for system monitoring and DLL injection
  ☆31Updated 4 years ago
• 1M50RRY / runpe-native-loader
  Loader and RunPE file executer
  ☆17Updated 6 years ago
• John-Yu / Simple_PE_packer
  The project was upgraded from https://coder.pub/ and supported VS2017. The original author wrote the detailed design ideas documentation…
  ☆19Updated 7 years ago
• aaaddress1 / masqueradeCmdline
  A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.
  ☆40Updated 4 years ago