Alternatives and similar repositories for lnk-builder

Users that are interested in lnk-builder are comparing it to the libraries listed below

• dmcxblue / SharpBlackout
  Terminate AV/EDR leveraging BYOVD attack
  ☆102Updated 5 months ago
• werdhaihai / SharpAltShellCodeExec
  Alternative Shellcode Execution Via Callbacks in C# with P/Invoke
  ☆81Updated 2 years ago
• xiosec / Terminator
  PowerShell script to terminate protected processes such as anti-malware and EDRs.
  ☆28Updated 2 years ago
• ProcessusT / SharpVenoma
  CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution
  ☆50Updated last year
• fanbyprinciple / bin2shellcode
  .bin file to shellcode convertor
  ☆38Updated last year
• gavz / ExplorerPersist
  Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when …
  ☆85Updated 2 years ago
• almounah / go-buena-clr
  Good CLR Host with Native patchless AMSI Bypass
  ☆88Updated 4 months ago
• dmcxblue / SharpGhostTask
  A C# port from Invoke-GhostTask
  ☆118Updated last year
• RalfHacker / HTTPServerWithUpload
  Python3 HTTP Server with upload functionality
  ☆16Updated last year
• ice-wzl / wmiexec2
  wmiexec2.0 is the same wmiexec that everyone knows and loves (debatable). This 2.0 version is obfuscated to avoid well known signatures …
  ☆36Updated 2 months ago
• cpu0x00 / SharpReflectivePEInjection
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆160Updated last year
• LuemmelSec / ntlmrelayx.py_to_exe
  ☆88Updated 2 years ago
• Cipher7 / ApexLdr
  ApexLdr is a DLL Payload Loader written in C
  ☆113Updated last year
• securifybv / BOFRyptor
  ☆124Updated last year
• Leo4j / PPLKiller
  Tool to bypass LSA Protection (aka Protected Process Light)
  ☆57Updated 8 months ago
• Hypnoze57 / SharpHound4Cobalt
  C# Data Collector for BloodHound with CobaltStrike integration (BOF.NET)
  ☆58Updated 2 years ago
• REDMED-X / InjectKit
  Modified versions of the Cobalt Strike Process Injection Kit
  ☆101Updated last year
• Mr-Un1k0d3r / Cookie-and-Handle-Stealer
  C or BOF file to extract WebKit master key to decrypt user cookie
  ☆203Updated last year
• rasta-mouse / SpawnWith
  ☆110Updated 6 months ago
• sexyiam / UAC-Bypass
  UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.
  ☆49Updated last year
• Faisal-P27 / WAREED-DNS-C2
  ☆119Updated 5 months ago
• rasta-mouse / SCMUACBypass
  ☆100Updated 2 years ago
• WKL-Sec / Winsocky
  Winsocket for Cobalt Strike.
  ☆99Updated 2 years ago
• cybersectroll / SharpPersistSD
  ☆90Updated last year
• dis0rder0x00 / ParentProcessManipulation-LNK
  Using LNK files and user input simulation to start processes under explorer.exe
  ☆26Updated 11 months ago
• wsummerhill / DictionShellcode
  Encode shellcode into dictionary words for evasion and entropy reduction
  ☆27Updated 10 months ago
• c3r3br4t3 / ShadowRDP
  ☆73Updated last year
• djackreuter / btexec
  Execute shellcode via Bluetooth device authentication
  ☆40Updated 6 months ago
• mallo-m / AxiomDumper
  Lsass dumper evading (some) EDR detection
  ☆26Updated 6 months ago
• ewby / Mockingjay_BOF
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆157Updated last year