Alternatives and similar repositories for RiscyWorkshop

Users that are interested in RiscyWorkshop are comparing it to the libraries listed below

• dr4ndrei / OHFFLdr

  View on GitHub
  One-header configurable C++20 COFF loader
  ☆21Jul 21, 2025Updated 6 months ago
• JayGLXR / RustyMirage

  View on GitHub
  A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
  ☆38Mar 6, 2025Updated 11 months ago
• ibaiC / FriendlyFireBOF

  View on GitHub
  A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.
  ☆57Apr 14, 2025Updated 10 months ago
• KickedDroid / loadstar

  View on GitHub
  A different approach to writing BOFs in rust.
  ☆18Aug 20, 2025Updated 5 months ago
• synacktiv / CcmMessagingBackdoor

  View on GitHub
  ☆17Jun 10, 2025Updated 8 months ago
• cbrnrd / maliketh

  View on GitHub
  🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python
  ☆45Feb 6, 2026Updated last week
• JayGLXR / RustySpy

  View on GitHub
  A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …
  ☆19Mar 6, 2025Updated 11 months ago
• aitorfirm / BlackIris

  View on GitHub
  Thats it! An Open-Source Windows UEFI Rootkit
  ☆28Jul 19, 2025Updated 6 months ago
• joaoviictorti / uwd

  View on GitHub
  Call Stack Spoofing for Rust
  ☆210Jan 28, 2026Updated 2 weeks ago
• djackreuter / rustlualoader

  View on GitHub
  Shellcode loader that executes embedded Lua from Rust.
  ☆127Dec 16, 2024Updated last year
• gabriellandau / ShadowStackWalk

  View on GitHub
  Finding Truth in the Shadows
  ☆120Jan 26, 2023Updated 3 years ago
• lilify-jp / Squre

  View on GitHub
  🛡️ Open-source binary protection toolkit for Windows PE. Nanomite, VM protection, anti-debug, and more.
  ☆49Feb 8, 2026Updated last week
• Teach2Breach / rpeloader

  View on GitHub
  use python on windows with full submodule support without installation
  ☆30Jan 23, 2025Updated last year
• nilripper / ptrguard

  View on GitHub
  A pointer encryption library intended for Red Team implant design in Rust.
  ☆64Oct 1, 2025Updated 4 months ago
• NetSPI / BOF-PE

  View on GitHub
  An example reference design for a proposed BOF PE
  ☆197Jan 23, 2026Updated 3 weeks ago
• dreadnode / conferences

  View on GitHub
  ☆18Apr 15, 2024Updated last year
• JayGLXR / Rusty-Stardust

  View on GitHub
  A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…
  ☆59Mar 17, 2025Updated 10 months ago
• JJK96 / PIClin

  View on GitHub
  From C, Rust or Zig to binary shellcode compiler based on Mingw gcc. It allows using Win32 APIs and standard libraries without any change…
  ☆53Sep 22, 2025Updated 4 months ago
• incursi0n / ClipboardStealBOF

  View on GitHub
  An alternative to the builtin clipboard feature in Cobalt Strike that adds the capability to enable/disable and dump the clipboard histor…
  ☆102Jan 9, 2026Updated last month
• Teach2Breach / dll2shell

  View on GitHub
  converts sRDI compatible dlls to shellcode
  ☆35Jan 20, 2025Updated last year
• 0xB455 / ActiveSyncBruter

  View on GitHub
  ☆26Mar 6, 2025Updated 11 months ago
• kozmer / rspy

  View on GitHub
  rust port of pspy with support for process monitoring over dbus
  ☆35Jan 4, 2026Updated last month
• NoahKirchner / speedloader

  View on GitHub
  Rust template/library for implementing your own COFF loader
  ☆71Jan 27, 2025Updated last year
• joaoviictorti / dinvk

  View on GitHub
  Dynamically invoke arbitrary code in Rust (Dinvoke)
  ☆101Dec 1, 2025Updated 2 months ago
• xforcered / Being-A-Good-CLR-Host

  View on GitHub
  ☆139Jan 16, 2025Updated last year
• entropy-z / PostEx-Arsenal

  View on GitHub
  Arsenal of modules to beacon postex
  ☆93Updated this week
• Pusty / ferret

  View on GitHub
  Mixed Boolean Arithmetic Simplification using E-Graphs
  ☆24May 1, 2025Updated 9 months ago
• nbaertsch / AutoAppDomainHijack

  View on GitHub
  Automated .NET AppDomain hijack payload generation
  ☆129Feb 4, 2025Updated last year
• Octoberfest7 / zip_smuggling

  View on GitHub
  Python3 utility for creating zip files that smuggle additional data for later extraction
  ☆264May 15, 2025Updated 9 months ago
• iilegacyyii / DataInject-BOF

  View on GitHub
  Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll
  ☆135Apr 18, 2025Updated 9 months ago
• rbmm / SC

  View on GitHub
  shell code example
  ☆67Dec 12, 2025Updated 2 months ago
• Meowmycks / koneko

  View on GitHub
  Robust Cobalt Strike shellcode loader with multiple advanced evasion features
  ☆199Apr 21, 2025Updated 9 months ago
• us-cyber-team / nim_for_hackers2

  View on GitHub
  slides for talk given during uscg 2023 combine
  ☆38Sep 6, 2023Updated 2 years ago
• nbaertsch / nimvoke

  View on GitHub
  Indirect syscalls + DInvoke made simple.
  ☆96Dec 24, 2024Updated last year
• susMdT / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆52Dec 4, 2023Updated 2 years ago
• kr0tt / EarlyExceptionHandling

  View on GitHub
  Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH
  ☆136Aug 31, 2025Updated 5 months ago
• vysecurity / OffensiveLAM

  View on GitHub
  A Large Action Model designed to operate on MacOS or Windows which interacts with common C2 interfaces such as Cobalt Strike, Havoc, or B…
  ☆26Feb 29, 2024Updated last year
• trickster0 / PrimitiveInjection

  View on GitHub
  PrimitiveInjection by using Read, Write and Allocation Primitives.
  ☆53Jun 21, 2025Updated 7 months ago
• safedv / RustVEHSyscalls

  View on GitHub
  A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.
  ☆161Oct 31, 2024Updated last year