Alternatives and similar repositories for dll-universal-patcher

Users that are interested in dll-universal-patcher are comparing it to the libraries listed below

• namazso / dll-proxy-generator

  View on GitHub
  Generate a proxy dll for arbitrary dll
  ☆220Oct 19, 2024Updated last year
• mr-r3bot / bof-modules

  View on GitHub
  BOF for C2 framework
  ☆44Nov 9, 2024Updated last year
• Cracked5pider / kaine-assembly

  View on GitHub
  a demo module for the kaine agent to execute and inject assembly modules
  ☆41Aug 28, 2024Updated last year
• klezVirus / DriverJack

  View on GitHub
  Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths
  ☆358Aug 11, 2024Updated last year
• Octoberfest7 / Secure_Stager

  View on GitHub
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆194Nov 27, 2024Updated last year
• LLVMParty / llvm-headers

  View on GitHub
  Easily search LLVM headers for all major versions!
  ☆19Sep 14, 2025Updated 5 months ago
• floesen / KExecDD

  View on GitHub
  Admin to Kernel code execution using the KSecDD driver
  ☆264Apr 19, 2024Updated last year
• djolertrk / kovid-obfuscation-passes

  View on GitHub
  A set of LLVM and GCC based plugins that perform code obfuscation.
  ☆139Oct 20, 2025Updated 3 months ago
• yamakadi / ldr

  View on GitHub
  A work in progress BOF/COFF loader in Rust
  ☆50Mar 22, 2023Updated 2 years ago
• AmitMoshel1 / PatchGuardEncryptorDriver

  View on GitHub
  A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.
  ☆78Mar 29, 2025Updated 10 months ago
• NioZow / bof-collection

  View on GitHub
  ☆21Feb 22, 2025Updated 11 months ago
• zimnyaa / noWatch

  View on GitHub
  Implant drop-in for EDR testing
  ☆147Nov 15, 2023Updated 2 years ago
• Hagrid29 / BOF-DCOMPotato-PrintNotify

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…
  ☆96Mar 20, 2023Updated 2 years ago
• silentwarble / PIC-Library

  View on GitHub
  A collection of position independent coding resources
  ☆107Nov 15, 2025Updated 3 months ago
• Octoberfest7 / enumhandles_BOF

  View on GitHub
  ☆126Sep 1, 2024Updated last year
• NetSPI / BOF-PE

  View on GitHub
  An example reference design for a proposed BOF PE
  ☆197Jan 23, 2026Updated 3 weeks ago
• passthehashbrowns / VectoredExceptionHandling

  View on GitHub
  ☆106Aug 21, 2024Updated last year
• HulkOperator / AuthStager

  View on GitHub
  ☆59Oct 24, 2024Updated last year
• gatariee / ldrgen

  View on GitHub
  Template-based generation of shellcode loaders
  ☆80Apr 20, 2024Updated last year
• CICADA8-Research / COMThanasia

  View on GitHub
  A set of programs for analyzing common vulnerabilities in COM
  ☆246Sep 8, 2024Updated last year
• fin3ss3g0d / NativeThreadpool

  View on GitHub
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆88Feb 11, 2024Updated 2 years ago
• can1357 / selene

  View on GitHub
  Kernel-mode Paravirtualization in Ring 2, LLVM based linker, and some other things!
  ☆408Apr 19, 2025Updated 9 months ago
• susMdT / LoudSunRun

  View on GitHub
  Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven
  ☆254Oct 16, 2024Updated last year
• loneicewolf / smbdoor

  View on GitHub
  improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys
  ☆49Mar 10, 2023Updated 2 years ago
• JanielDary / ImmoralFiber

  View on GitHub
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆280Sep 18, 2024Updated last year
• T3nb3w / ComDotNetExploit

  View on GitHub
  A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …
  ☆332Mar 6, 2025Updated 11 months ago
• itm4n / PPLrevenant

  View on GitHub
  Bypass LSA protection using the BYODLL technique
  ☆171Sep 21, 2024Updated last year
• 0xRedpoll / SignalKeyBOF

  View on GitHub
  BOF to decrypt Signal Desktop chat logs
  ☆71Feb 20, 2025Updated 11 months ago
• 0xHossam / KernelCallbackTable-Injection-PoC

  View on GitHub
  Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…
  ☆270Oct 31, 2024Updated last year
• ElliotKillick / LdrLockLiberator

  View on GitHub
  For when DLLMain is the only way
  ☆423Oct 29, 2024Updated last year
• outflanknl / macho-loader

  View on GitHub
  ☆102Sep 5, 2024Updated last year
• CICADA8-Research / Spyndicapped

  View on GitHub
  COM ViewLogger — new malware keylogging technique
  ☆403Jan 6, 2025Updated last year
• hasherezade / thread_namecalling

  View on GitHub
  Process Injection using Thread Name
  ☆298Apr 18, 2025Updated 9 months ago
• 0x4d5a-ctf / 38c3_com_talk

  View on GitHub
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆74Jan 3, 2025Updated last year
• kozmer / sigdream

  View on GitHub
  sigreturn-oriented programming (SROP) based sleep obfuscation poc for Linux
  ☆65Dec 15, 2025Updated 2 months ago
• 0xRedpoll / WhatsAppKeyBOF

  View on GitHub
  A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.
  ☆88Mar 2, 2025Updated 11 months ago
• paranoidninja / Proxy-Function-Calls-For-ETwTI

  View on GitHub
  The code is a pingback to the Dark Vortex blog: https://0xdarkvortex.dev/hiding-memory-allocations-from-mdatp-etwti-stack-tracing/
  ☆210Jan 29, 2023Updated 3 years ago
• fortra / No-Consolation

  View on GitHub
  A BOF that runs unmanaged PEs inline
  ☆678Oct 23, 2024Updated last year
• Pusty / ferret

  View on GitHub
  Mixed Boolean Arithmetic Simplification using E-Graphs
  ☆24May 1, 2025Updated 9 months ago