jsacco/PPL_Bypass external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

jsacco/PPL_Bypass

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/jsacco/PPL_Bypass)

Close

jsacco / PPL_BypassView on GitHubMore

• External links
• Readme badge

☆12Apr 7, 2022Updated 3 years ago

Alternatives and similar repositories for PPL_Bypass

Users that are interested in PPL_Bypass are comparing it to the libraries listed below

• lilkui / runasti

  View on GitHub
  Runs programs as TrustedInstaller
  ☆49Jul 1, 2019Updated 6 years ago
• Meckazin / HidingFromETW

  View on GitHub
  PoC for detecting and evading ETW detection of .Net Assembly.Load
  ☆21Aug 26, 2020Updated 5 years ago
• paranoidninja / DotNetTracer

  View on GitHub
  C code to enable ETW tracing for Dotnet Assemblies
  ☆32Aug 12, 2022Updated 3 years ago
• zimnyaa / fiber-stager

  View on GitHub
  A simple Nim stager (w/ fiber execution)
  ☆20Jan 31, 2022Updated 4 years ago
• monoxgas / minibus

  View on GitHub
  Remote code execution in Power Platform connectors via JSON deserialization
  ☆23Mar 30, 2023Updated 2 years ago
• zacbre / AssemblyCompressor

  View on GitHub
  Use GZip to compress your .NET assemblies for loading with AssemblyResolve.
  ☆20Apr 11, 2014Updated 11 years ago
• timwhitez / Etwti-UnhookPOC

  View on GitHub
  Etwti-UnhookPOC just for test
  ☆12Aug 23, 2022Updated 3 years ago
• WithSecureLabs / dotnet-gargoyle

  View on GitHub
  A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique
  ☆52Dec 6, 2018Updated 7 years ago
• trickster0 / CReadMemory

  View on GitHub
  Read Memory without ReadProcessMemory for Current Process
  ☆92Feb 13, 2022Updated 4 years ago
• farfella / in-memory-cpython

  View on GitHub
  An In-memory Embedding of CPython
  ☆31May 24, 2021Updated 4 years ago
• Ahora57 / HypervisorCheckR0

  View on GitHub
  Just check hypervisor in ring0
  ☆16Jun 7, 2023Updated 2 years ago
• lloydamiller / politicosint

  View on GitHub
  OSINT Resources for Politics
  ☆14Aug 13, 2018Updated 7 years ago
• MrAle98 / BOF-RunPE

  View on GitHub
  ☆57Apr 19, 2023Updated 2 years ago
• smokeme / ProxyNotShell

  View on GitHub
  ☆19Oct 2, 2022Updated 3 years ago
• MrAle98 / ATDCM64a-LPE

  View on GitHub
  ☆22Jan 15, 2025Updated last year
• xinnie-the-pooh / MS

  View on GitHub
  巨硬
  ☆17Oct 4, 2023Updated 2 years ago
• waawaa / AMSI_Rubeus_bypass

  View on GitHub
  ☆72Aug 2, 2022Updated 3 years ago
• ommadawn46 / win-x86-shellcoder

  View on GitHub
  A tool for developing bad character-free shellcode to bypass DEP with WriteProcessMemory (32-bit only)
  ☆73Jul 29, 2022Updated 3 years ago
• Allevon412 / ClassicAPIUnhooking

  View on GitHub
  ☆16Nov 23, 2021Updated 4 years ago
• b4r0nd3l4b1rr4 / Teams-CS-Notifier

  View on GitHub
  ☆15Apr 29, 2023Updated 2 years ago
• FuzzySecurity / AdvSim.Compression

  View on GitHub
  Simple and sane compression wrapper library.
  ☆19Oct 28, 2022Updated 3 years ago
• pwndizzle / com-research

  View on GitHub
  Research into COM
  ☆19Jan 25, 2020Updated 6 years ago
• delivr-to / MailCollector

  View on GitHub
  A .NET 4.8 application to retrieve delivr.to emails from Microsoft Outlook via COM
  ☆20Jul 19, 2025Updated 7 months ago
• D0Gshuang / ShellcodeLoader_stager

  View on GitHub
  ☆19Aug 10, 2022Updated 3 years ago
• oakboat / ByassVTD

  View on GitHub
  ☆29Jul 15, 2025Updated 7 months ago
• codewhitesec / SysmonEnte

  View on GitHub
  ☆78Oct 18, 2022Updated 3 years ago
• improsec / CaddyStager

  View on GitHub
  ☆40May 21, 2022Updated 3 years ago
• VirtueSecurity / benigncertain-monitor

  View on GitHub
  ☆20Apr 21, 2020Updated 5 years ago
• klezVirus / SharpLdapRelayScan

  View on GitHub
  C# Port of LdapRelayScan
  ☆91Nov 26, 2025Updated 3 months ago
• zimnyaa / xyrella

  View on GitHub
  PoC XLL builder in Python/Nim
  ☆49Nov 21, 2022Updated 3 years ago
• am0nsec / MCGC

  View on GitHub
  Minimalist Custom .NET Core Garbage Collector
  ☆23Jun 15, 2020Updated 5 years ago
• Shhoya / Shh0yaKernelHook

  View on GitHub
  Shh0ya Kernel Hook Driver
  ☆25Dec 8, 2020Updated 5 years ago
• zimnyaa / nim-noload-dll-hollowing

  View on GitHub
  Unused DLL hollowing PoC in Nim
  ☆17Jan 31, 2022Updated 4 years ago
• mgeeky / CustomXMLPart

  View on GitHub
  A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.
  ☆39Aug 8, 2022Updated 3 years ago
• jrrgimenez / Nim-HalosGate-Injector

  View on GitHub
  Shellcode Injector that obtains system call opcodes using the Halo's Gate method to evade EDR Hooks.
  ☆20Feb 2, 2022Updated 4 years ago
• DenuvoSoftwareSolutions / DVRT

  View on GitHub
  How Meltdown and Spectre haunt Anti-Cheat: DVRT details
  ☆22Aug 21, 2024Updated last year
• OffenseTeacher / Steganim

  View on GitHub
  ☆46Jun 21, 2023Updated 2 years ago
• ctxis / DynamicWrapperEx

  View on GitHub
  x64 Registration-Free In-Process COM Automation Server.
  ☆51Nov 28, 2022Updated 3 years ago
• GetRektBoy724 / SharpHalos

  View on GitHub
  My implementation of Halo's Gate technique in C#
  ☆54Apr 20, 2022Updated 3 years ago