n0tspam/RunspaceLoader

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/n0tspam/RunspaceLoader)

n0tspam / RunspaceLoader

Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe

☆13

Alternatives and similar repositories for RunspaceLoader

Users that are interested in RunspaceLoader are comparing it to the libraries listed below

Sorting:

AndrewRathbun / SigHunter
View on GitHub
A C# (.NET 6) tool to compare the file signature of files recursively and inform the user of matches and mismatches
☆16Nov 29, 2024Updated last year
dosxuz / TradecraftImrprovement
View on GitHub
This repository will contain source codes from the Tradecraft improvement blog series
☆15Mar 27, 2025Updated 11 months ago
Jhangju / goLang-injectors
View on GitHub
This project will guide yout to awareness of injection in almost every window API and process.
☆24Mar 30, 2022Updated 3 years ago
Cipher7 / havoc-PoolParty
View on GitHub
Windows Thread Pool Injection Havoc Implementation
☆34Mar 23, 2024Updated last year
OtterHacker / AWSRedirector
View on GitHub
☆58Feb 16, 2025Updated last year
Bl4ckM1rror / PEAs
View on GitHub
☆60Dec 15, 2023Updated 2 years ago
CD-R0M / YARA
View on GitHub
Hundred Days of Yara Challenge
☆12Jun 21, 2022Updated 3 years ago
mrd0x / pe2shc-to-cdb
View on GitHub
Convert shellcode generated using pe_2_shellcode to cdb format.
☆100Jan 18, 2022Updated 4 years ago
hlldz / misc
View on GitHub
miscellaneous codes
☆36Sep 24, 2023Updated 2 years ago
kleiton0x00 / RemoteShellcodeExec
View on GitHub
Execute shellcode from a remote-hosted bin file using Winhttp.
☆239Jun 22, 2023Updated 2 years ago
patrickt2017 / VEHNetLoader
View on GitHub
Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies
☆50Jul 6, 2025Updated 8 months ago
JakubStanior / PsExclusionFinder
View on GitHub
PowerShell tool to enumerate existing exclusions in Windows Defender as low privileged user
☆11Oct 14, 2024Updated last year
RenderZ0n3 / Malware-Development
View on GitHub
☆10Jul 1, 2023Updated 2 years ago
anyrun / manalyze
View on GitHub
A static analyzer for PE executables.
☆18Nov 19, 2021Updated 4 years ago
SAERXCIT / LibTP_Gadget
View on GitHub
Crystal Palace library for proxying Nt API calls via the Threadpool. Updated for call gadgets.
☆19Nov 11, 2025Updated 4 months ago
daem0nc0re / Abusing_Weak_ACL_on_Certificate_Templates
View on GitHub
Investigation about ACL abusing for Active Directory Certificate Services (AD CS)
☆131Oct 10, 2021Updated 4 years ago
Print3M / c-to-shellcode
View on GitHub
From C to binary shellcode converter.
☆56Nov 11, 2025Updated 4 months ago
MaorSabag / SafeCrypt
View on GitHub
SafeCrypt is an academic ransomware simulation suite developed for Red Team engagements. It demonstrates modern malware techniques includ…
☆33Oct 3, 2025Updated 5 months ago
V-i-x-x / win11-kernel-execution-syscall-hijack
View on GitHub
Executing Kernel Routines via Syscall Table Hijack (Kernel Code Execution)
☆56Jun 15, 2025Updated 9 months ago
idnahacks / AD_attack_defend_cheatsheet
View on GitHub
A list of commands, tools and notes about enumerating and exploiting Active Directory and how to defend against these attacks
☆23Jun 22, 2021Updated 4 years ago
hackerhouse-opensource / Stinger
View on GitHub
CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as A…
☆302Feb 2, 2026Updated last month
intelliroot-tech / ProcessHuntingToolkit
View on GitHub
Process hunting Toolkit is toolkit capable of hunting down malicious processes on Windows
☆14Jan 31, 2025Updated last year
conversation / gitbook-to-md
View on GitHub
Bulk export spaces from GitBook to markdown
☆20Mar 10, 2025Updated last year
naksyn / Embedder
View on GitHub
Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies
☆123May 29, 2024Updated last year
0xKunAlx0 / Gitrive
View on GitHub
☆12Feb 20, 2025Updated last year
mobdk / CoreClass
View on GitHub
Mimikatz embedded as classes
☆28Oct 25, 2021Updated 4 years ago
0xSojalSec / AI-driven-penetration-testing-tool
View on GitHub
An advanced AI-driven vulnerability scanner and penetration testing tool that integrates multiple AI providers (OpenAI, Grok, OLLAMA, Cla…
☆35Nov 7, 2025Updated 4 months ago
thecatenjoyer / singlestep_xorstub
View on GitHub
Stub for polymorphic code
☆11Mar 18, 2023Updated 3 years ago
rkbennett / od_import
View on GitHub
☆26Dec 21, 2025Updated 2 months ago
smokeme / PDFator
View on GitHub
☆27Jun 3, 2023Updated 2 years ago
Kryp7os / SharpRBCD
View on GitHub
An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD
☆49Mar 10, 2025Updated last year
dosxuz / PerunsFart
View on GitHub
This is my own implementation of the Perun's Fart technique by Sektor7
☆72May 14, 2022Updated 3 years ago
MzHmO / Parasite-Invoke
View on GitHub
Hide your P/Invoke signatures through other people's signed assemblies
☆211Mar 10, 2024Updated 2 years ago
uroesch / PlinkProxy
View on GitHub
Windows frontend for digging SSH tunnels and creating socks proxies
☆12Nov 19, 2023Updated 2 years ago
blackarrowsec / Handly
View on GitHub
Abuse leaked token handles.
☆136Dec 14, 2023Updated 2 years ago
inb1ts / birdnet-poc
View on GitHub
Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
☆41Jul 9, 2023Updated 2 years ago
susMdT / SharpIndirectSyscalls
View on GitHub
☆11Feb 12, 2023Updated 3 years ago
0xTriboulet / Cycotic
View on GitHub
A python polymorphic engine for C programs
☆11Dec 8, 2023Updated 2 years ago
Cn33liz / HSEVD-StackOverflow
View on GitHub
HackSys Extreme Vulnerable Driver - StackOverflow Exploit
☆32Jan 9, 2017Updated 9 years ago