Alternatives and similar repositories for PichichiH0ll0wer

Users that are interested in PichichiH0ll0wer are comparing it to the libraries listed below

• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆51Updated last year
• caueb / ThreadlessStompingKann
  Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.
  ☆79Updated 2 years ago
• naksyn / ModuleShifting
  Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…
  ☆126Updated 2 years ago
• Z4kSec / IoctlHunter
  IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.
  ☆105Updated last year
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆83Updated last year
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆101Updated last year
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆50Updated last year
• x0reaxeax / PageSplit
  Splitting and executing shellcode across multiple pages
  ☆103Updated 2 years ago
• 0prrr / Malwear-Sweet
  Malware?
  ☆76Updated 2 months ago
• ghostbyt3 / BYOVDFinder
  Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.
  ☆73Updated 5 months ago
• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆167Updated last year
• mansk1es / GhostFart
  ☆137Updated 2 years ago
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆39Updated last year
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆102Updated 9 months ago
• rad9800 / FileRenameJunctionsEDRDisable
  ☆159Updated last year
• MaorSabag / SideLoadingDLL
  Do some DLL SideLoading magic
  ☆89Updated 2 years ago
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆110Updated 2 years ago
• OtterHacker / SetProcessInjection
  ☆151Updated 2 years ago
• fern89 / ghostwriting-2
  A process injection technique using only thread context manipulation
  ☆40Updated 2 years ago
• naksyn / Embedder
  Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies
  ☆123Updated last year
• MEhrn00 / boflink
  Linker for Beacon Object Files
  ☆145Updated 2 weeks ago
• eversinc33 / Godmode
  Tool for playing with Windows Access Token manipulation.
  ☆82Updated 3 years ago
• Bl4ckM1rror / PEAs
  ☆61Updated 2 years ago
• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆74Updated last year
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆64Updated last year
• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆33Updated last year
• joe-desimone / rep-research
  ☆79Updated last year
• oldboy21 / JayFinder
  Find DLLs with RWX section
  ☆80Updated 2 years ago
• JanielDary / ImmoralFiber
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆278Updated last year
• winterknife / SILVERPICK
  Windows User-Mode Shellcode Development Framework (WUMSDF)
  ☆120Updated last month