Alternatives and similar repositories for NailaoLoader-Hiding-Execution-Flow:

Users that are interested in NailaoLoader-Hiding-Execution-Flow are comparing it to the libraries listed below

• FalconForceTeam / bof-winrm-plugin-jump
  ☆25Updated 2 months ago
• Teach2Breach / snapinject_rs
  A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …
  ☆45Updated 2 months ago
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆40Updated 4 months ago
• winsecurity / AMSI-Bypass-HWBP
  ☆20Updated 3 weeks ago
• EspressoCake / DefenderPathExclusions
  Creation and removal of Defender path exclusions and exceptions in C#.
  ☆30Updated last year
• cbwang505 / FilesystemEoPDesktopSystemShell
  Folder Or File Delete to Get System Shell on Current Session Desktop
  ☆38Updated 2 months ago
• smokeme / asar-backdoor
  ☆28Updated last week
• Offensive-Panda / .NET_PROFILER_DLL_LOADING
  .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…
  ☆41Updated 8 months ago
• Quack2332 / Simple-.NET-Obfuscator-PoC
  ☆20Updated 9 months ago
• ZephrFish / DynamicMSBuilder
  A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation
  ☆36Updated last year
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆24Updated 6 months ago
• Mazzy-Stars / lain_c2
  command control framework
  ☆20Updated this week
• Teach2Breach / rpeloader
  use python on windows with full submodule support without installation
  ☆28Updated 2 months ago
• NtDallas / sharp-execute
  Execute dotnet app from unmanaged process
  ☆71Updated 3 months ago
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆30Updated last year
• C5Hackr / c_syscalls
  https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.
  ☆30Updated 9 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆59Updated 7 months ago
• MrAle98 / psinline
  in-process powershell runner for BRC4
  ☆45Updated last year
• watchtowrlabs / CVE-2025-0282
  Ivanti Connect Secure IFT TLS Stack Overflow pre-auth RCE (CVE-2025-0282)
  ☆22Updated 2 months ago
• Kharos102 / ReadWriteDriverSample
  ☆21Updated 11 months ago
• dmcxblue / NtCreateUserProcessBOF
  An Aggressor Script that utilizes NtCreateUserProcess to run binaries
  ☆25Updated 2 months ago
• susMdT / ForsHops
  ForsHops
  ☆22Updated this week
• wolfcod / beacondbg
  Beacon Debugger
  ☆40Updated 5 months ago
• nbaertsch / PoolProxy
  Proxy function calls through the thread pool with ease
  ☆23Updated last month
• zimnyaa / smbsocks
  A simple rpc2socks alternative in pure Go.
  ☆28Updated 8 months ago
• rbmm / ARL
  ☆24Updated last month
• scrt / KexecDDPlus
  Exploiting the KsecDD Windows driver through Server Silos
  ☆50Updated 4 months ago
• waawaa / Hooked-Injector
  Hooked create process injection for meterpreter
  ☆23Updated 3 years ago
• tijme / relocatable
  Boilerplate to develop raw and truly Position Independent Code (PIC).
  ☆43Updated 2 months ago
• ZephrFish / ADFSDump-PS
  PowerShell Implementation of ADFSDump to assist with GoldenSAML
  ☆31Updated 10 months ago