Alternatives and similar repositories for RunPE:

Users that are interested in RunPE are comparing it to the libraries listed below

• med0x2e / ExecuteAssembly
  Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…
  ☆555Updated 3 years ago
• GetRektBoy724 / SharpUnhooker
  C# Based Universal API Unhooker
  ☆398Updated 3 years ago
• kyleavery / inject-assembly
  Inject .NET assemblies into an existing process
  ☆490Updated 3 years ago
• FatRodzianko / SharpBypassUAC
  C# tool for UAC bypasses
  ☆424Updated 3 years ago
• anthemtotheego / InlineExecute-Assembly
  InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…
  ☆648Updated last year
• CCob / BOF.NET
  A .NET Runtime for Cobalt Strike's Beacon Object Files
  ☆702Updated 6 months ago
• mgeeky / UnhookMe
  UnhookMe is an universal Windows API resolver & unhooker addressing problem of invoking unmonitored system calls from within of your Red …
  ☆344Updated 2 years ago
• BinaryScary / NET-Obfuscate
  Obfuscate ECMA CIL (.NET IL) assemblies to evade Windows Defender AMSI
  ☆231Updated last year
• antonioCoco / MalSeclogon
  A little tool to play with the Seclogon service
  ☆308Updated 2 years ago
• ajpc500 / BOFs
  Collection of Beacon Object Files
  ☆577Updated 2 years ago
• TheWover / DInvoke
  Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.
  ☆728Updated 2 years ago
• Flangvik / SharpDllProxy
  Retrieves exported functions from a legitimate DLL and generates a proxy DLL source code/template for DLL proxy loading or sideloading
  ☆782Updated 4 years ago
• S3cur3Th1sSh1t / Nim-RunPE
  A Nim implementation of reflective PE-Loading from memory
  ☆275Updated 6 months ago
• jhalon / SharpCall
  Simple PoC demonstrating syscall execution in C#
  ☆154Updated 4 years ago
• mgeeky / ElusiveMice
  Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
  ☆445Updated last year
• trustedsec / COFFLoader
  ☆501Updated 4 months ago
• Hagrid29 / PELoader
  PE loader with various shellcode injection techniques
  ☆402Updated 2 years ago
• boku7 / AsmHalosGate
  x64 Assembly HalosGate direct System Caller to evade EDR UserLand hooks
  ☆203Updated 2 years ago
• RedSection / OffensivePH
  OffensivePH - use old Process Hacker driver to bypass several user-mode access controls
  ☆330Updated 3 years ago
• codewhitesec / HandleKatz
  PIC lsass dumper using cloned handles
  ☆580Updated 2 years ago
• plackyhacker / Shellcode-Injection-Techniques
  A collection of C# shellcode injection techniques. All techniques use an AES encrypted meterpreter payload. I will be building this proje…
  ☆454Updated 3 years ago
• 0xthirteen / SharpStay
  .NET project for installing Persistence
  ☆466Updated 8 months ago
• rvrsh3ll / BOF_Collection
  Various Cobalt Strike BOFs
  ☆619Updated 2 years ago
• Cracked5pider / KaynLdr
  KaynLdr is a Reflective Loader written in C/ASM
  ☆528Updated last year
• netero1010 / ScheduleRunner
  A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation
  ☆334Updated 2 months ago
• cube0x0 / MiniDump
  C# Lsass parser
  ☆289Updated 3 years ago
• kyleavery / AceLdr
  Cobalt Strike UDRL for memory scanner evasion.
  ☆912Updated 9 months ago
• boku7 / HOLLOW
  EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and e…
  ☆277Updated 2 years ago
• itm4n / PPLmedic
  Dump the memory of any PPL with a Userland exploit chain
  ☆333Updated 2 years ago
• br-sn / CheekyBlinder
  Enumerating and removing kernel callbacks using signed vulnerable drivers
  ☆556Updated 2 years ago