pard0p/Self-Cleaning-PICO-Loader external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

pard0p/Self-Cleaning-PICO-Loader

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/pard0p/Self-Cleaning-PICO-Loader)

Close

pard0p / Self-Cleaning-PICO-LoaderView on GitHubMore

• External links
• Readme badge

Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload execution.

☆52Nov 2, 2025Updated 5 months ago

Alternatives and similar repositories for Self-Cleaning-PICO-Loader

Users that are interested in Self-Cleaning-PICO-Loader are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• Nomad0x7 / sekken-enum

  View on GitHub
  adws enumeration bof
  ☆170Feb 16, 2026Updated last month
• HulkOperator / CallStackSpoofer

  View on GitHub
  ☆66Dec 19, 2024Updated last year
• MayerDaniel / the-one-wsl-bof

  View on GitHub
  One WSL BOF to rule them all
  ☆174Jan 14, 2026Updated 3 months ago
• kypvas / LDIFToBloodHound

  View on GitHub
  A Windows tool that converts LDIF files to BloodHound CE
  ☆31Dec 20, 2025Updated 3 months ago
• ColeHouston / theHandler-BOF

  View on GitHub
  Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.
  ☆40Aug 5, 2025Updated 8 months ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• mochabyte0x / TrampoLatte

  View on GitHub
  A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow
  ☆18Jun 26, 2025Updated 9 months ago
• 0xJs / EnumMitigations

  View on GitHub
  Reports on Driver, LSASS and other security services mitigations
  ☆34Aug 18, 2025Updated 7 months ago
• lap1nou / CLR_Heap_encryption

  View on GitHub
  ☆102Oct 7, 2023Updated 2 years ago
• maxDcb / DreamWalkers

  View on GitHub
  Reflective shellcode loaderwith advanced call stack spoofing and .NET support.
  ☆232Sep 19, 2025Updated 6 months ago
• garrettfoster13 / CVE-2025-59501

  View on GitHub
  CVE-2025-59501 POC code
  ☆26Nov 20, 2025Updated 4 months ago
• pard0p / LibWinHttp

  View on GitHub
  LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to…
  ☆40Nov 4, 2025Updated 5 months ago
• ZephrFish / LOLADCS

  View on GitHub
  PowerShell implementation for AD CS
  ☆117Mar 2, 2026Updated last month
• KickedDroid / loadstar

  View on GitHub
  A different approach to writing BOFs in rust.
  ☆20Aug 20, 2025Updated 7 months ago
• Cobalt-Strike / udc2-vs

  View on GitHub
  User-Defined C2 BOF Template
  ☆31Nov 24, 2025Updated 4 months ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• 0xRedpoll / ludus_cobaltstrike_teamserver

  View on GitHub
  Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers
  ☆18Mar 19, 2025Updated last year
• Tw1sm / list-wam-accounts

  View on GitHub
  List web account manager (WAM) accounts added to the current profile
  ☆25Dec 11, 2025Updated 4 months ago
• synacktiv / sccmsqlclient

  View on GitHub
  ☆26Aug 5, 2025Updated 8 months ago
• leftp / RegPersist

  View on GitHub
  a BOF implementation of various registry persistence methods
  ☆97Nov 11, 2025Updated 5 months ago
• TierZeroSecurity / killerPID-BOF

  View on GitHub
  BOF to terminate a process via PID as argument
  ☆28Sep 7, 2025Updated 7 months ago
• S12cybersecurity / FrankensteinAPCInjection

  View on GitHub
  Novel Windows process injection: assembles existing open handles (process & thread), natural RWX regions, and special user APC (NtQueueAp…
  ☆69Feb 17, 2026Updated last month
• curi0usJack / Ludus-MDE-MDI-Roles

  View on GitHub
  Ludus roles to deploy ASR rules and MDI auditing settings
  ☆24Aug 5, 2025Updated 8 months ago
• NtDallas / BOF_Spawn

  View on GitHub
  Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames
  ☆154Nov 23, 2025Updated 4 months ago
• Sh3lldon / HellsVectoredGate

  View on GitHub
  ☆54Oct 13, 2025Updated 6 months ago
• Deploy open-source AI quickly and easily - Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• sudonoodle / BOF-entra-authcode-flow

  View on GitHub
  Beacon Object File (BOF) to obtain Entra tokens via authcode flow.
  ☆128Jan 17, 2026Updated 2 months ago
• Coontzy1 / WSUScripts

  View on GitHub
  ☆20Sep 6, 2025Updated 7 months ago
• ldematte / HostedPumpkin

  View on GitHub
  Submission, compilation and execution of C# code snippets, using an unmanaged CLR Host
  ☆59Jan 29, 2015Updated 11 years ago
• iss4cf0ng / IronPE

  View on GitHub
  IronPE is a Windows PE manual loader written in Rust for both x86 and x64 PE files.
  ☆113Mar 10, 2026Updated last month
• NioZow / bof-collection

  View on GitHub
  ☆21Feb 22, 2025Updated last year
• CodeXTF2 / bof_template

  View on GitHub
  BOF template with boflink and mutator kit support
  ☆49Jan 8, 2026Updated 3 months ago
• ryannair05 / Tempus-Romanum

  View on GitHub
  Show the time in Roman Numerals
  ☆11Jan 23, 2020Updated 6 years ago
• aahmad097 / Test004

  View on GitHub
  Persistence via Shell Extensions
  ☆64Aug 4, 2023Updated 2 years ago
• susMdT / LoudSunRun

  View on GitHub
  Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven
  ☆267Oct 16, 2024Updated last year
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• SpecterOps / SCOMHound

  View on GitHub
  ☆38Dec 4, 2025Updated 4 months ago
• xyplex3 / RedTeamCoin

  View on GitHub
  Red Team Coin for crypto-mining operations.
  ☆23Mar 1, 2026Updated last month
• hasherezade / waiting_thread_hijacking

  View on GitHub
  Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread
  ☆264Aug 31, 2025Updated 7 months ago
• rbmm / SC_DEMO

  View on GitHub
  ☆127Dec 12, 2025Updated 4 months ago
• Tw1sm / aesKrbKeyGen

  View on GitHub
  Generate AES128/256 Kerberos keys for an AD account using a plaintext password and Python3
  ☆80Jun 1, 2022Updated 3 years ago
• Crypt0s / Ekko_CFG_Bypass

  View on GitHub
  A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process
  ☆115Aug 29, 2022Updated 3 years ago
• EricEsquivel / Inline-EA

  View on GitHub
  Cobalt Strike BOF for evasive .NET assembly execution
  ☆313Mar 31, 2025Updated last year