Alternatives and similar repositories for concealed_position

Users that are interested in concealed_position are comparing it to the libraries listed below

• deepinstinct / LsassSilentProcessExit
  Command line interface to dump LSASS memory to disk via SilentProcessExit
  ☆447Updated 4 years ago
• outflanknl / InlineWhispers
  Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF)
  ☆316Updated 3 years ago
• mdsecactivebreach / Farmer
  ☆388Updated 4 years ago
• FSecureLABS / Ninjasploit
  A meterpreter extension for applying hooks to avoid windows defender memory scans
  ☆246Updated 4 years ago
• boku7 / winx64-InjectAllProcessesMeterpreter-Shellcode
  64bit Windows 10 shellcode that injects all processes with Meterpreter reverse shells.
  ☆129Updated 2 years ago
• jfmaes / SharpZipRunner
  Executes position independent shellcode from an encrypted zip
  ☆304Updated 4 years ago
• xforcered / WFH
  ☆189Updated 2 years ago
• Mr-Un1k0d3r / DLLsForHackers
  Dll that can be used for side loading and other attack vector.
  ☆201Updated 4 years ago
• bats3c / EvtMute
  Apply a filter to the events being reported by windows event logging
  ☆261Updated 4 years ago
• subat0mik / whoamsi
  An effort to track security vendors' use of Microsoft's Antimalware Scan Interface
  ☆247Updated 3 years ago
• last-byte / RIPPL
  RIPPL is a tool that abuses a usermode only exploit to manipulate PPL processes on Windows
  ☆7Updated 3 years ago
• xforcered / CredBandit
  Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…
  ☆243Updated 3 years ago
• ajpc500 / BOFs
  Collection of Beacon Object Files
  ☆590Updated 2 years ago
• codewhitesec / HandleKatz
  PIC lsass dumper using cloned handles
  ☆589Updated 2 years ago
• RiccardoAncarani / LiquidSnake
  LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript
  ☆338Updated 3 years ago
• deepinstinct / Lsass-Shtinkering
  ☆380Updated 2 years ago
• med0x2e / NoAmci
  Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().
  ☆217Updated 5 years ago
• itm4n / Perfusion
  Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)
  ☆420Updated 4 years ago
• med0x2e / NTLMRelay2Self
  An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).
  ☆403Updated last year
• jfmaes / Invoke-DLLClone
  Koppeling x Metatwin x LazySign
  ☆210Updated 3 years ago
• ajpc500 / NimlineWhispers
  A very proof-of-concept port of InlineWhispers for using syscalls in Nim projects.
  ☆167Updated 3 years ago
• outflanknl / FindObjects-BOF
  A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…
  ☆271Updated 2 years ago
• thefLink / DeepSleep
  A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
  ☆365Updated 3 years ago
• klezVirus / CandyPotato
  Pure C++, weaponized, fully automated implementation of RottenPotatoNG
  ☆307Updated 3 years ago
• nccgroup / acCOMplice
  Tools for discovery and abuse of COM hijacks
  ☆310Updated 5 years ago
• xforcered / InvisibilityCloak
  Proof-of-concept obfuscation toolkit for C# post-exploitation tools
  ☆424Updated 2 years ago
• riskydissonance / SafetyDump
  Dump stuff without touching disk
  ☆162Updated 4 years ago
• chompie1337 / SIGRed_RCE_PoC
  ☆265Updated last year
• RedSection / OffensivePH
  OffensivePH - use old Process Hacker driver to bypass several user-mode access controls
  ☆333Updated 3 years ago
• antonioCoco / MalSeclogon
  A little tool to play with the Seclogon service
  ☆315Updated 2 years ago