Alternatives and similar repositories for shelf

Users that are interested in shelf are comparing it to the libraries listed below

• Binject / exec2shell
  Extracts TEXT section of a PE, ELF, or Mach-O executable to shellcode
  ☆104Updated 2 years ago
• chompie1337 / Windows_MSKSSRV_LPE_CVE-2023-36802
  LPE exploit for CVE-2023-36802
  ☆162Updated last year
• Y3A / CVE-2023-28229
  ☆131Updated last year
• raykaryshyn / FakeTLS
  Client/server code that impersonates TLS 1.3 to disguise C2 activity.
  ☆70Updated 2 years ago
• evilashz / PigSyscall
  An implementation of an indirect system call
  ☆129Updated last year
• 0vercl0k / CVE-2022-21974
  PoC for CVE-2022-21974 "Roaming Security Rights Management Services Remote Code Execution Vulnerability"
  ☆60Updated 3 years ago
• Nero22k / cve-2023-29360
  Exploit for CVE-2023-29360 targeting MSKSSRV.SYS driver
  ☆149Updated last year
• killvxk / awesome_shell_loaders
  shellcode-loaders and beacon-loaders
  ☆64Updated last year
• bestspear / ReBeacon_ForClang
  Beacon compiled using clang
  ☆70Updated 2 years ago
• M01N-Team / HeaderLessPE
  ☆240Updated last year
• crisprss / Extracted_WD_VDM
  Windows Defender VDM lua collections
  ☆47Updated 2 years ago
• killvxk / CVE-2024-38193-Nephster
  ☆58Updated 8 months ago
• fortra / CVE-2022-37969
  Windows LPE exploit for CVE-2022-37969
  ☆136Updated 2 years ago
• Nero22k / cve-2023-36802
  Exploit for CVE-2023-36802 targeting MSKSSRV.SYS driver
  ☆112Updated last year
• killvxk / awesome-C2
  C2
  ☆103Updated 3 months ago
• Techryptic / Pokemon-Shellcode-Loader
  Tired of looking at hex all day and popping '\x41's? Rather look at Lugia/Charmander? I have the solution for you.
  ☆124Updated 2 years ago
• Black-Frost / windows-learning
  ☆139Updated 3 months ago
• roadwy / SideloadFinder
  frida based script which automates the process of discovering and exploiting DLL Hijacks in target binaries. The discovered binaries can …
  ☆52Updated 2 years ago
• wabzsy / gonut
  Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.
  ☆59Updated last year
• eversinc33 / GpuDecryptShellcode
  XOR decrypting shellcode using the GPU with OpenCL.
  ☆100Updated last month
• The-Z-Labs / cli4bofs
  A swiss army knife tool for running, injecting and organizing your BOFs collection
  ☆59Updated last week
• hackerhouse-opensource / ColorDataProxyUACBypass
  Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…
  ☆138Updated 2 years ago
• RalfHacker / CVE-2024-26229-exploit
  Windows LPE
  ☆127Updated last year
• SecTheBit / Windows-Internals
  Learnings about windows Internals
  ☆94Updated last year
• RistBS / ContextMenuHijack
  Execute a payload at each right click on a file/folder in the explorer menu for persistence
  ☆174Updated 2 years ago
• 0xlane / com-process-inject
  Process Injection via Component Object Model (COM) IRundown::DoCallback().
  ☆60Updated 2 years ago
• ASkyeye / FilelessRemotePE
  Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique
  ☆67Updated 2 years ago
• arget13 / memdlopen
  dlopen() filelessly a shared object or even a program (and run it).
  ☆55Updated last year
• Hagrid29 / BYOVDKit
  bring your own vulnerable driver
  ☆100Updated 2 years ago
• trustedsec / ELFLoader
  ☆273Updated 3 years ago