Alternatives and similar repositories for PichichiH0ll0wer

Users that are interested in PichichiH0ll0wer are comparing it to the libraries listed below

• ghostbyt3 / BYOVDFinder
  Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.
  ☆75Updated 6 months ago
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆51Updated last year
• naksyn / ModuleShifting
  Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…
  ☆127Updated 2 years ago
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆102Updated 10 months ago
• naksyn / Embedder
  Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies
  ☆123Updated last year
• caueb / ThreadlessStompingKann
  Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.
  ☆79Updated 2 years ago
• x0reaxeax / PageSplit
  Splitting and executing shellcode across multiple pages
  ☆103Updated 2 years ago
• Z4kSec / IoctlHunter
  IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.
  ☆105Updated 2 years ago
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆50Updated last year
• fern89 / ghostwriting-2
  A process injection technique using only thread context manipulation
  ☆40Updated 2 years ago
• x42en / sysplant
  Your syscall factory
  ☆126Updated 2 weeks ago
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆108Updated 2 years ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆64Updated last year
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆83Updated last year
• mansk1es / GhostFart
  ☆137Updated 2 years ago
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆39Updated last year
• eversinc33 / Godmode
  Tool for playing with Windows Access Token manipulation.
  ☆83Updated 3 years ago
• CaptainNox / Hypnos
  A more reliable way of resolving syscall numbers in Windows
  ☆54Updated last year
• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆33Updated last year
• Cracked5pider / CodeCave
  A bunch of scripts and code i wrote.
  ☆148Updated last year
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆101Updated last year
• joe-desimone / rep-research
  ☆79Updated last year
• OtterHacker / Hooker
  ☆108Updated last year
• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆166Updated last year
• securifybv / BOFRyptor
  ☆122Updated 2 years ago
• gerbsec / SmokeyObfuscator
  Rewrite to fit my needs
  ☆32Updated last year
• nettitude / Tartarus-TpAllocInject
  ☆207Updated 2 years ago
• oldboy21 / JayFinder
  Find DLLs with RWX section
  ☆80Updated 2 years ago
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆101Updated 9 months ago
• dsnezhkov / shutter
  ☆124Updated 4 years ago