jborean93/PSDetour

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/jborean93/PSDetour)

jborean93 / PSDetour

Windows Detour Hooking in PowerShell

☆83

Alternatives and similar repositories for PSDetour

Users that are interested in PSDetour are comparing it to the libraries listed below

Sorting:

jborean93 / PSDetour-Hooks
View on GitHub
Auditing Hooks for https://github.com/jborean93/PSDetour
☆13Apr 29, 2025Updated 10 months ago
jborean93 / PowerShell-ctypes
View on GitHub
PowerShell module for ctypes/PInvoke calls
☆28Jun 12, 2025Updated 8 months ago
MartinGC94 / UsefulArgumentCompleters
View on GitHub
☆13Aug 20, 2025Updated 6 months ago
jborean93 / PSPrivilege
View on GitHub
Manage process privileges and adjust Windows rights/privileges in PowerShell
☆45Nov 26, 2021Updated 4 years ago
SeeminglyScience / ScriptBlockDisassembler
View on GitHub
See generated code for a ScriptBlock
☆23Dec 19, 2021Updated 4 years ago
jborean93 / PowerShell-OpenAuthenticode
View on GitHub
Cross platform PowerShell implementation of Authenticode signing and verification
☆41Sep 30, 2025Updated 5 months ago
jborean93 / ProcessEx
View on GitHub
Exposes the Windows Process creation Win32 functions in PowerShell
☆55Aug 6, 2025Updated 7 months ago
jborean93 / PSWSMan
View on GitHub
☆25Feb 16, 2024Updated 2 years ago
JustinGrote / PowerServe
View on GitHub
Run PowerShell scripts repeatedly in a high performance manner.
☆29Jan 25, 2026Updated last month
jborean93 / PSAccessToken
View on GitHub
PowerShell Module that can query, edit, and create Windows Access Tokens
☆14Sep 3, 2024Updated last year
timwhitez / Etwti-UnhookPOC
View on GitHub
Etwti-UnhookPOC just for test
☆12Aug 23, 2022Updated 3 years ago
Allevon412 / ReflectiveDLLInjector
View on GitHub
This program is used to perform reflective DLL Injection to a remote process specified by the user.
☆64Jul 11, 2023Updated 2 years ago
jborean93 / PSOpenAD
View on GitHub
Cross-platform PowerShell module alternative to Microsoft's Active Directory module
☆126Jan 14, 2026Updated last month
DragoQCC / ShellcodeEncryption
View on GitHub
Used to AES encrypt shellcode, can take password or use built in default should be used with Iron Injector to generate and execute shellc…
☆15Mar 18, 2022Updated 3 years ago
SeeminglyScience / ILAssembler
View on GitHub
ILAsm-like DSL for PowerShell
☆16Oct 18, 2020Updated 5 years ago
zacbre / AssemblyCompressor
View on GitHub
Use GZip to compress your .NET assemblies for loading with AssemblyResolve.
☆20Apr 11, 2014Updated 11 years ago
DragoQCC / Iron-Injector
View on GitHub
Interactive program for loading AES encrypted shellcode with Dynamic Invocation, and interactive .NET assemblies in memory.
☆13Mar 16, 2022Updated 3 years ago
erlwes / PSAdaptiveCard
View on GitHub
Generate Adaptive Cards JSON with PowerShell-code
☆19Jul 21, 2025Updated 7 months ago
santisq / PSParallelPipeline
View on GitHub
Parallel processing of pipeline input objects!
☆36Oct 28, 2025Updated 4 months ago
CymulateResearch / Blindside
View on GitHub
Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms
☆136Dec 20, 2022Updated 3 years ago
jborean93 / PowerShell-Yayaml
View on GitHub
A YAML parser and writer that uses an Assembly Load Context on PowerShell 7+
☆39Sep 12, 2025Updated 5 months ago
loneicewolf / smbdoor
View on GitHub
improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys
☆49Mar 10, 2023Updated 2 years ago
LethalSnake1337 / PE-Loader-exercise
View on GitHub
A simple PE loader.
☆27Dec 9, 2022Updated 3 years ago
Meckazin / HidingFromETW
View on GitHub
PoC for detecting and evading ETW detection of .Net Assembly.Load
☆21Aug 26, 2020Updated 5 years ago
ironmansoftware / psmsi
View on GitHub
Create MSIs using PowerShell.
☆275Nov 1, 2025Updated 4 months ago
0xsp-SRD / callback_injection-Csharp
View on GitHub
this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…
☆88Jun 24, 2022Updated 3 years ago
OccamsXor / Dragnmove
View on GitHub
Infect Shared Files In Memory for Lateral Movement
☆193Dec 14, 2022Updated 3 years ago
jborean93 / PSEtw
View on GitHub
PowerShell ETW consumer module
☆31May 21, 2025Updated 9 months ago
jborean93 / PSToml
View on GitHub
PowerShell TOML Parser and Writer
☆63Mar 12, 2025Updated 11 months ago
IISResetMe / Legislator
View on GitHub
Legislator is a simple .NET interface authoring tool written in PowerShell
☆28Dec 1, 2021Updated 4 years ago
MrAle98 / BOF-RunPE
View on GitHub
☆57Apr 19, 2023Updated 2 years ago
LloydLabs / shellcode-plain-sight
View on GitHub
Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak
☆211Nov 12, 2025Updated 3 months ago
clod81 / loader_process_hollow_copy_in_chunk
View on GitHub
About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once
☆13Jul 14, 2022Updated 3 years ago
bryanroma / HollowSVC
View on GitHub
Windows Service with the implementation of the Process hollowing technique to run shellcode
☆14Jul 20, 2023Updated 2 years ago
Cobalt-Strike / callback_examples
View on GitHub
This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions
☆38Mar 17, 2025Updated 11 months ago
theart42 / Sharpcat
View on GitHub
A port of classic netcat to C#
☆34Jan 21, 2023Updated 3 years ago
RistBS / ContextMenuHijack
View on GitHub
Execute a payload at each right click on a file/folder in the explorer menu for persistence
☆175Mar 15, 2023Updated 2 years ago
goichot / OverLAPS
View on GitHub
Supporting PoCs and scripts for my talk "OverLAPS: Overriding LAPS Logic"
☆22Oct 12, 2025Updated 4 months ago
gam4er / SneakyRun
View on GitHub
Some stuff for PHD2021
☆14May 21, 2025Updated 9 months ago