Alternatives and similar repositories for ProcCallback

Users that are interested in ProcCallback are comparing it to the libraries listed below

• netbiosX / GhostLoader

  View on GitHub
  GhostLoader - AppDomainManager - Injection - 攻壳机动队
  ☆53May 21, 2020Updated 5 years ago
• shantanu561993 / DLL-Sideload

  View on GitHub
  ☆43Jan 2, 2023Updated 3 years ago
• Cracked5pider / Rhaast

  View on GitHub
  doesnt work and wont work on it anymore
  ☆10Jul 8, 2024Updated last year
• RixedLabs / IDLE-Abuse

  View on GitHub
  A method to execute shellcode using RegisterWaitForInputIdle API.
  ☆55Apr 4, 2023Updated 2 years ago
• ScriptIdiot / sleepmask_ekko_cfg

  View on GitHub
  Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process
  ☆49Mar 15, 2023Updated 2 years ago
• arsium / BypassGetModuleBaseAddressAndGetExportAddress

  View on GitHub
  A proof of concept of real custom GetProcAddress and GetModuleBaseAddress
  ☆21Jul 9, 2022Updated 3 years ago
• 0xTriboulet / emerald_template

  View on GitHub
  A cmake template for crystal palace
  ☆38Dec 20, 2025Updated last month
• knight0x07 / WinRAR-CVE-2025-8088-PoC-RAR

  View on GitHub
  WinRAR 0day CVE-2025-8088 PoC RAR Archive
  ☆45Aug 12, 2025Updated 6 months ago
• sliverarmory / beignet

  View on GitHub
  MacOS Shared Library to Shellcode Loader
  ☆39Feb 5, 2026Updated last week
• Cobalt-Strike / callback_examples

  View on GitHub
  This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions
  ☆38Mar 17, 2025Updated 10 months ago
• jasondrawdy / ShellGen

  View on GitHub
  Dynamic and extensible shell code generator with multiple output types which can be formatted in binary, hexadecimal, and the typical she…
  ☆19May 1, 2020Updated 5 years ago
• jasondrawdy / Amaterasu

  View on GitHub
  Lightweight licensing library for .NET applications which allows the managing of licenses via web based scripts and on-the-fly code compi…
  ☆15May 1, 2020Updated 5 years ago
• Octoberfest7 / Proxy_Egress_Persistence

  View on GitHub
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆34Sep 15, 2022Updated 3 years ago
• Octoberfest7 / DropSpawn_BOF

  View on GitHub
  CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
  ☆285Jun 8, 2023Updated 2 years ago
• Allevon412 / ClassicAPIUnhooking

  View on GitHub
  ☆16Nov 23, 2021Updated 4 years ago
• WKL-Sec / slack-udc2

  View on GitHub
  Cobalt Strike UDC2 implementation that provides an Slack C2 channel
  ☆60Jan 5, 2026Updated last month
• mdsecresearch / NSAMeetingWithProxyShell

  View on GitHub
  ☆19Sep 15, 2021Updated 4 years ago
• skelsec / aardwolfgui

  View on GitHub
  Asynchronous RDP/VNC client for Python (GUI)
  ☆75Jan 1, 2025Updated last year
• HadesW / power-kill

  View on GitHub
  power-kill is a project that kill protected processes (such as EDR or AV) by injecting shellcode into high privilege processes
  ☆48Sep 27, 2021Updated 4 years ago
• zimnyaa / fiber-stager

  View on GitHub
  A simple Nim stager (w/ fiber execution)
  ☆20Jan 31, 2022Updated 4 years ago
• umpolungfish / byvalver

  View on GitHub
  takes shellcode bad-bytes and banishes them, returning cleaned shellcode with preserved functionalities
  ☆57Updated this week
• cirosec / warbird-demos

  View on GitHub
  ☆44Nov 7, 2024Updated last year
• christ0ph3r / uptime-cli

  View on GitHub
  Monitor your websites uptime and downtime in the terminal with the Uptime Robot API
  ☆18Mar 6, 2018Updated 7 years ago
• MITRECND / picaboo

  View on GitHub
  Specialized tool to dump Position Independent Code.
  ☆22Aug 4, 2020Updated 5 years ago
• rad9800 / BloatedHammer

  View on GitHub
  API Hammering with C++20
  ☆50Jul 21, 2022Updated 3 years ago
• maliciousgroup / RDI-SRDI

  View on GitHub
  This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".
  ☆85Apr 11, 2023Updated 2 years ago
• netero1010 / TrustedPath-UACBypass-BOF

  View on GitHub
  Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.…
  ☆146Aug 16, 2021Updated 4 years ago
• RootInj3c / MalDev-Analyzer-MCP

  View on GitHub
  Built for red teamers, by red teamers - an MCP tool for malware development, OPSEC testing, and supporting custom loader design during re…
  ☆43Aug 10, 2025Updated 6 months ago
• monoxgas / minibus

  View on GitHub
  Remote code execution in Power Platform connectors via JSON deserialization
  ☆23Mar 30, 2023Updated 2 years ago
• BlackOfWorld / NtCreateUserProcess

  View on GitHub
  A small NtCreateUserProcess PoC that spawns a Command prompt.
  ☆101Aug 25, 2022Updated 3 years ago
• snovvcrash / BOFs

  View on GitHub
  Beacon Object Files (not Buffer Overflows)
  ☆58Mar 6, 2023Updated 2 years ago
• ColeHouston / theHandler-BOF

  View on GitHub
  Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.
  ☆38Aug 5, 2025Updated 6 months ago
• vlinx-io / NativeImageAnalyzer

  View on GitHub
  GraalVM NativeImage Decompilation/Reverse Tool
  ☆26Jan 21, 2024Updated 2 years ago
• REDMED-X / InjectKit

  View on GitHub
  Modified versions of the Cobalt Strike Process Injection Kit
  ☆105Jan 24, 2024Updated 2 years ago
• ceramicskate0 / BOF-Builder

  View on GitHub
  C# .Net 5.0 project to build BOF (Beacon Object Files) in mass
  ☆25Jul 25, 2023Updated 2 years ago
• keydet89 / LNK

  View on GitHub
  Repository for LNK stuff
  ☆31Aug 31, 2022Updated 3 years ago
• ps1337 / Lastenzug

  View on GitHub
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆26Jul 21, 2022Updated 3 years ago
• bharadwajyas / ppdump-public

  View on GitHub
  Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…
  ☆25Mar 26, 2020Updated 5 years ago
• ConstantinT / Lantern

  View on GitHub
  ☆23Nov 13, 2021Updated 4 years ago