Alternatives and similar repositories for ToDns

Users that are interested in ToDns are comparing it to the libraries listed below

• jsecu / ElevatedEvents
  ☆31Updated 3 years ago
• timwhitez / JmpUnhook
  Ntdll Unhooking POC
  ☆19Updated 3 years ago
• CUHKJason / BOF-klist
  A simple BOF implementation of klist using Windows API
  ☆32Updated 3 years ago
• RixedLabs / IDLE-Abuse
  A method to execute shellcode using RegisterWaitForInputIdle API.
  ☆55Updated 2 years ago
• BOFs / BOFs
  Beacon Object Files.
  ☆36Updated last year
• EspressoCake / DLL-Exports-Extraction-BOF
  DLL Exports Extraction BOF with optional NTFS transactions.
  ☆84Updated 4 years ago
• fin3ss3g0d / HookFinder
  Simple PoC to locate hooked functions by EDR in ntdll.dll
  ☆46Updated 2 years ago
• Yair-Men / Passenger
  ProcExp Driver (Ab)use
  ☆22Updated 3 years ago
• Mav3rick33 / ZenLdr
  Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature
  ☆101Updated 2 years ago
• ASkyeye / CobaltPatch
  Cobalt Strike Malleable Profile Inline Patch Template: A Position Independent Code (PIC) Code Template For Creating Shellcode That Can Be…
  ☆40Updated 5 years ago
• ihack4falafel / Dell-Driver-EoP-CVE-2021-21551
  Dell Driver EoP (CVE-2021-21551)
  ☆32Updated 3 years ago
• netero1010 / Quser-BOF
  Cobalt Strike BOF for quser.exe implementation using Windows API
  ☆87Updated 2 years ago
• RCStep / RedTeam_Tools_n_Stuff
  Collection of self-made Red Team tools that have come in handy
  ☆11Updated last year
• trustedsec / Windows-MS-LSAT-RPC-Example
  Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD
  ☆28Updated 2 years ago
• Orange-Cyberdefense / EDRSnowblast
  This project is an EDRSandblast fork, adding some features and custom pieces of code.
  ☆24Updated 2 years ago
• magnusstubman / tokenduplicator
  Tool to start processes as SYSTEM using token duplication
  ☆38Updated 5 years ago
• GetRektBoy724 / SysGate
  One gate to all syscalls!
  ☆23Updated 3 years ago
• soufianetahiri / CitrixSecureAccessAuthCookieDump
  Dump Citrix Secure Access auth cookie from the process memory
  ☆76Updated 3 years ago
• dosxuz / PerunsFart
  This is my own implementation of the Perun's Fart technique by Sektor7
  ☆72Updated 3 years ago
• ProcessusT / HavocHub
  PoC for a Havoc agent/handler setup with all C2 traffic routed through GitHub. No direct connections: all commands and responses are rela…
  ☆43Updated 6 months ago
• 0x3rhy / GetClipboard
  Cobalt Strike Get clipboard plugin
  ☆15Updated 2 years ago
• hackerhouse-opensource / Gigabyte_ElevatePersist
  Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…
  ☆33Updated 2 years ago
• timwhitez / Freeze-Common
  Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
  ☆14Updated 3 years ago
• Gr1mmie / Coeus
  ADSI based SA tool
  ☆17Updated 3 years ago
• boku7 / xPipe
  Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions
  ☆90Updated 2 years ago
• snovvcrash / BOFs
  Beacon Object Files (not Buffer Overflows)
  ☆57Updated 2 years ago
• OtterHacker / CoffLoader
  ☆60Updated 3 years ago
• MrAle98 / BOF-RunPE
  ☆56Updated 2 years ago
• thiagomayllart / DarkMelkor
  Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.
  ☆28Updated 4 years ago
• ausec-it / bof-registry
  Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry
  ☆29Updated 4 years ago