Alternatives and similar repositories for DataBlockNTLMLeak

Users that are interested in DataBlockNTLMLeak are comparing it to the libraries listed below

• OtterHacker / AWSRoundRobin
  ☆37Updated 3 months ago
• reecdeep / hollowise
  Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …
  ☆36Updated 3 months ago
• rbmm / TL-TASK
  ☆18Updated last week
• BlackSnufkin / CheckPlz
  Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.
  ☆17Updated 5 months ago
• winsecurity / AMSI-Bypass-HWBP
  ☆22Updated 2 months ago
• HulkOperator / AuthStager
  ☆55Updated 7 months ago
• 0xTriboulet / T-70
  A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system
  ☆39Updated 7 months ago
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆26Updated last year
• LambdaMamba / LenaMalwareAnalysis
  Lena's scripts/code/resources for malware analysis
  ☆27Updated 11 months ago
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated 10 months ago
• PShlyundin / TimeSync
  Tool to obtain hash using MS-SNTP for user accounts
  ☆23Updated 4 months ago
• RWXstoned / GimmeShelter
  Situational Awareness script to identify how and where to run implants
  ☆50Updated 6 months ago
• voidvxvt / EnableAllTokenPrivs
  Enable or Disable TokenPrivilege(s)
  ☆13Updated last year
• wetw0rk / wetw0rk.github.io
  ☆18Updated 2 weeks ago
• ZSECURE / zDocker-cobaltstrike
  Docker container for running CobaltStrike 4.10
  ☆37Updated 8 months ago
• mbanyamer / CVE-2025-30397---Windows-Server-2025-JScript-RCE-Use-After-Free-
  Remote Code Execution via Use-After-Free in JScript.dll (CVE-2025-30397)
  ☆35Updated this week
• ChaitanyaHaritash / IllusiveFog
  Windows Administrator level Implant.
  ☆49Updated 8 months ago
• som3canadian / Mythic_NimSyscallPacker_Wrapper
  Mythic C2 wrapper for NimSyscallPacker
  ☆25Updated 2 months ago
• D4rthMaulCop / DumpKernel-S1
  A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80
  ☆20Updated 2 months ago
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆41Updated 6 months ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆53Updated 4 months ago
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆43Updated 3 weeks ago
• andreisss / Living-off-the-COM-Type-Coercion-Abuse
  This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…
  ☆39Updated 3 weeks ago
• itaymigdal / HubbleHub
  Explore and filter your GitHub starred repositories
  ☆27Updated last year
• ZephrFish / ADFSDump-PS
  PowerShell Implementation of ADFSDump to assist with GoldenSAML
  ☆32Updated last month
• xelemental / Mal-LNK-Generator
  ☆34Updated 2 months ago
• lleon1435 / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆14Updated last year
• Cyxow / CVE-2024-3183-POC
  POC for CVE-2024-3183 (FreeIPA Rosting)
  ☆22Updated 9 months ago
• rad9800 / RansomFS
  ☆31Updated 3 months ago
• Offensive-Panda / .NET_PROFILER_DLL_LOADING
  .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…
  ☆42Updated 10 months ago