kleiton0x00/RemoteShellcodeExec external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

kleiton0x00/RemoteShellcodeExec

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/kleiton0x00/RemoteShellcodeExec)

Close

kleiton0x00 / RemoteShellcodeExecView on GitHubMore

• External links
• Readme badge

Execute shellcode from a remote-hosted bin file using Winhttp.

☆240Jun 22, 2023Updated 2 years ago

Alternatives and similar repositories for RemoteShellcodeExec

Users that are interested in RemoteShellcodeExec are comparing it to the libraries listed below

• SaadAhla / UnhookingPatch

  View on GitHub
  Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime
  ☆314Aug 2, 2023Updated 2 years ago
• SaadAhla / D1rkLdr

  View on GitHub
  Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…
  ☆322Aug 2, 2023Updated 2 years ago
• florylsk / RecycledInjector

  View on GitHub
  Native Syscalls Shellcode Injector
  ☆266Jul 2, 2023Updated 2 years ago
• SaadAhla / Shellcode-Hide

  View on GitHub
  This repo contains : simple shellcode Loader , Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp…
  ☆438Aug 2, 2023Updated 2 years ago
• VoldeSec / PatchlessCLRLoader

  View on GitHub
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆368Apr 19, 2023Updated 2 years ago
• SaadAhla / NTDLLReflection

  View on GitHub
  Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…
  ☆305Aug 2, 2023Updated 2 years ago
• CCob / ThreadlessInject

  View on GitHub
  Threadless Process Injection using remote function hooking.
  ☆809Sep 4, 2024Updated last year
• SaadAhla / FilelessPELoader

  View on GitHub
  Loading Remote AES Encrypted PE in memory , Decrypted it and run it
  ☆1,019Aug 29, 2023Updated 2 years ago
• f1zm0 / acheron

  View on GitHub
  indirect syscalls for AV/EDR evasion in Go assembly
  ☆371Jun 13, 2023Updated 2 years ago
• deepinstinct / Dirty-Vanity

  View on GitHub
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆676Dec 23, 2022Updated 3 years ago
• Octoberfest7 / MemFiles

  View on GitHub
  A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
  ☆473Jul 6, 2024Updated last year
• Haunted-Banshee / ErebusGate

  View on GitHub
  ErebusGate for Nim Bypass AV/EDR
  ☆162Nov 7, 2022Updated 3 years ago
• SaadAhla / TakeMyRDP

  View on GitHub
  A keystroke logger targeting the Remote Desktop Protocol (RDP) related processes, It utilizes a low-level keyboard input hook, allowing i…
  ☆398Aug 2, 2023Updated 2 years ago
• reveng007 / DarkWidow

  View on GitHub
  Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
  ☆776Jan 26, 2026Updated last month
• LloydLabs / shellcode-plain-sight

  View on GitHub
  Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak
  ☆209Nov 12, 2025Updated 3 months ago
• RistBS / ContextMenuHijack

  View on GitHub
  Execute a payload at each right click on a file/folder in the explorer menu for persistence
  ☆175Mar 15, 2023Updated 2 years ago
• Octoberfest7 / Inline-Execute-PE

  View on GitHub
  Execute unmanaged Windows executables in CobaltStrike Beacons
  ☆714Mar 4, 2023Updated 2 years ago
• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,006Jun 4, 2024Updated last year
• REDMED-X / InjectKit

  View on GitHub
  Modified versions of the Cobalt Strike Process Injection Kit
  ☆105Jan 24, 2024Updated 2 years ago
• f1zm0 / hades

  View on GitHub
  Go shellcode loader that combines multiple evasion techniques
  ☆389Jun 21, 2023Updated 2 years ago
• WKL-Sec / HiddenDesktop

  View on GitHub
  HVNC for Cobalt Strike
  ☆1,298Dec 7, 2023Updated 2 years ago
• 0xb11a1 / yetAnotherObfuscator

  View on GitHub
  C# obfuscator that bypass windows defender
  ☆803Jun 4, 2023Updated 2 years ago
• SaadAhla / HeapCrypt

  View on GitHub
  Encypting the Heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap
  ☆246Aug 2, 2023Updated 2 years ago
• georgesotiriadis / Chimera

  View on GitHub
  Automated DLL Sideloading Tool With EDR Evasion Capabilities
  ☆503Dec 19, 2023Updated 2 years ago
• M01N-Team / HeaderLessPE

  View on GitHub
  ☆245Sep 19, 2023Updated 2 years ago
• capt-meelo / laZzzy

  View on GitHub
  laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.
  ☆501Jan 10, 2023Updated 3 years ago
• Maldev-Academy / HellHall

  View on GitHub
  Performing Indirect Clean Syscalls
  ☆605Apr 19, 2023Updated 2 years ago
• REDMED-X / OperatorsKit

  View on GitHub
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆672Aug 15, 2025Updated 6 months ago
• S3cur3Th1sSh1t / Ruy-Lopez

  View on GitHub
  ☆319Jun 28, 2023Updated 2 years ago
• Mr-Un1k0d3r / Elevate-System-Trusted-BOF

  View on GitHub
  ☆162Mar 27, 2023Updated 2 years ago
• CognisysGroup / HadesLdr

  View on GitHub
  Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2
  ☆293Jul 15, 2023Updated 2 years ago
• optiv / Freeze.rs

  View on GitHub
  Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST
  ☆721Aug 18, 2023Updated 2 years ago
• m3rcer / Chisel-Strike

  View on GitHub
  A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.
  ☆459Mar 25, 2024Updated last year
• SaadAhla / PE-Obfuscator

  View on GitHub
  PE obfuscator with Evasion in mind
  ☆213Apr 25, 2023Updated 2 years ago
• Mr-Un1k0d3r / AMSI-ETW-Patch

  View on GitHub
  Patch AMSI and ETW
  ☆249May 8, 2024Updated last year
• boku7 / BokuLoader

  View on GitHub
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆1,400Nov 22, 2023Updated 2 years ago
• Helixo32 / NimBlackout

  View on GitHub
  Kill AV/EDR leveraging BYOVD attack
  ☆390Jul 11, 2023Updated 2 years ago
• florylsk / SignatureGate

  View on GitHub
  Weaponized HellsGate/SigFlip
  ☆203Jun 7, 2023Updated 2 years ago
• VoldeSec / PatchlessInlineExecute-Assembly

  View on GitHub
  Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
  ☆275Apr 17, 2023Updated 2 years ago