Alternatives and similar repositories for PichichiH0ll0wer

Users that are interested in PichichiH0ll0wer are comparing it to the libraries listed below

• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆51Updated last year
• ghostbyt3 / BYOVDFinder
  Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.
  ☆72Updated 3 months ago
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆50Updated last year
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆101Updated 7 months ago
• caueb / ThreadlessStompingKann
  Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.
  ☆69Updated last year
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆110Updated 2 years ago
• zero2504 / FrostLock-Injection
  FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…
  ☆31Updated 7 months ago
• mansk1es / GhostFart
  ☆137Updated 2 years ago
• joe-desimone / rep-research
  ☆77Updated last year
• MaorSabag / SideLoadingDLL
  Do some DLL SideLoading magic
  ☆89Updated 2 years ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆84Updated last year
• x0reaxeax / PageSplit
  Splitting and executing shellcode across multiple pages
  ☆103Updated 2 years ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆98Updated last year
• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆162Updated 11 months ago
• EvilBytecode / Ntdll-Unhook
  Unhook Ntdll.dll, Go & C++.
  ☆32Updated 7 months ago
• patrickt2017 / VEHNetLoader
  Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies
  ☆49Updated 4 months ago
• Z4kSec / IoctlHunter
  IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.
  ☆104Updated last year
• naksyn / ModuleShifting
  Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…
  ☆123Updated 2 years ago
• rad9800 / FileRenameJunctionsEDRDisable
  ☆159Updated 11 months ago
• OtterHacker / Hooker
  ☆108Updated last year
• naksyn / Embedder
  Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies
  ☆121Updated last year
• kr0tt / EarlyExceptionHandling
  Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH
  ☆129Updated 2 months ago
• 0prrr / Malwear-Sweet
  Malware?
  ☆76Updated 3 weeks ago
• CaptainNox / Hypnos
  A more reliable way of resolving syscall numbers in Windows
  ☆52Updated last year
• jdu2600 / Get-InjectedThreadEx
  Fork of Get-InjectedThread - https://gist.github.com/jaredcatkinson/23905d34537ce4b5b1818c3e6405c1d2
  ☆46Updated 2 years ago
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆39Updated last year
• zimnyaa / xyrella
  PoC XLL builder in Python/Nim
  ☆49Updated 3 years ago
• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆73Updated last year
• MEhrn00 / boflink
  Linker for Beacon Object Files
  ☆130Updated 2 weeks ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆64Updated last year