Alternatives and similar repositories for SharpXOR:

Users that are interested in SharpXOR are comparing it to the libraries listed below

• mobdk / Sigma
  Execute shellcode with ZwCreateSection, ZwMapViewOfSection, ZwOpenProcess, ZwMapViewOfSection and ZwCreateThreadEx
  ☆14Updated 3 years ago
• klezVirus / LoGiC.NET
  A more advanced free and open .NET obfuscator using dnlib.
  ☆10Updated 2 years ago
• thesnoom / extps-cobalt-strike-bof
  Extended Process List (Search functionality)
  ☆29Updated 4 years ago
• jnqpblc / SharpReg
  SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike.
  ☆27Updated 4 years ago
• jnqpblc / SharpSvc
  SharpSvc is a simple code set to interact with the SC Manager API and is compatible with Cobalt Strike.
  ☆25Updated last year
• invictus-0x90 / Docker-C3
  Example of running C3 (https://github.com/FSecureLABS/C3) in a Docker container
  ☆26Updated 3 years ago
• m8sec / EAPrimer
  C# project to Reflectively load .Net assemblies in memory
  ☆17Updated 9 months ago
• vysecurity / AzureAppC2
  A script that can be deployed to Azure App for C2 / Proxy / Redirector
  ☆36Updated 5 years ago
• GetRektBoy724 / JALSI
  JALSI - Just Another Lame Shellcode Injector
  ☆30Updated 3 years ago
• mobdk / winNoise
  Execute embedded Mimikatz
  ☆13Updated 3 years ago
• Adepts-Of-0xCC / SnoopyOwl
  ☆48Updated 3 years ago
• samisecure / LsassDumpReflectiveDll
  Dump Lsass Memory Using a Reflective Dll
  ☆14Updated 3 years ago
• ChaitanyaHaritash / NIM-Scripts
  ☆18Updated 3 years ago
• GeorgePatsias / PayloadFactory
  C# implementation of Shellcode delivery techniques using PInvoke and DInvoke variations for API calling.
  ☆35Updated 3 years ago
• ASkyeye / ElusiveMice
  Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
  ☆8Updated 2 years ago
• rmdavy / AmsiPEBWalkVBAx64
  ☆14Updated 4 years ago
• paranoidninja / DotNetTracer
  C code to enable ETW tracing for Dotnet Assemblies
  ☆31Updated 2 years ago
• moloch-- / DarkLoadLibrary
  LoadLibrary for offensive operations
  ☆33Updated 3 years ago
• hausec / Set-RBCDBytes
  ☆17Updated 4 years ago
• Allevon412 / BreadBear
  A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/
  ☆31Updated last year
• fashionproof / CheckSafeBoot
  I used this to see if an EDR is running in Safe Mode
  ☆36Updated 4 years ago
• crawl3r / FunWithAMSI
  A repo to hold any bypasses I work on/study/whatever
  ☆19Updated 4 years ago
• jfmaes / Ansible-Cobalt-Strike
  An Ansible role to install cobalt-strike
  ☆16Updated 4 years ago
• kyleavery / scarecrow_wrapper
  ☆37Updated 3 years ago
• trustedsec / inProc_Evade_Get-InjectedThread
  PoC code from blog
  ☆16Updated 5 years ago
• sk3w / beacon-object-files
  Miscellaneous examples for use with Cobalt Strike Beacon
  ☆10Updated 4 years ago
• EspressoCake / Cobalt_Strike_Ansible
  A project to replicate the functionality of Noah Powers' ServerSetup script, but with error handling and fixed Namecheap API support.
  ☆34Updated 3 years ago
• tomcarver16 / SimpleInjector
  A simple injector that uses LoadLibraryA
  ☆17Updated 4 years ago
• passthehashbrowns / DInvokeProcessHollowing
  ☆28Updated 4 years ago
• tid4l / SharpCGHunter
  Receive the status of Windows Defender Credential Guard on network hosts.
  ☆27Updated 3 years ago