Alternatives and similar repositories for gui-pwn

Users that are interested in gui-pwn are comparing it to the libraries listed below

• EspressoCake / DefenderPathExclusions
  Creation and removal of Defender path exclusions and exceptions in C#.
  ☆31Updated last year
• D4rthMaulCop / DumpKernel-S1
  A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80
  ☆20Updated last month
• nbaertsch / Shrike
  Hunting and injecting RWX 'mockingjay' DLLs in pure nim
  ☆59Updated 5 months ago
• 0xTriboulet / T-70
  A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system
  ☆39Updated 6 months ago
• CompassSecurity / TokenPhisher
  ☆25Updated 3 months ago
• susMdT / AceLdr
  Cobalt Strike UDRL for memory scanner evasion.
  ☆51Updated last year
• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆17Updated last year
• Offensive-Panda / .NET_PROFILER_DLL_LOADING
  .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…
  ☆41Updated 9 months ago
• OffenseTeacher / Steganim
  ☆48Updated last year
• pulpocaminante / PPL-0day
  Demoting PPL anti-malware services to less than a guest user
  ☆62Updated 3 months ago
• decoder-it / DFSCoerce-exe-2
  DFSCoerce exe revisited version with custom authentication
  ☆40Updated last year
• Tylous / Dent
  A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.
  ☆14Updated 2 years ago
• p4p1 / havoc-store
  A simple website to act as a store for havoc modules and extensions
  ☆27Updated 3 months ago
• G0ldenGunSec / DayBird
  Extension functionality for the NightHawk operator client
  ☆27Updated last year
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆41Updated 6 months ago
• xelemental / Mal-LNK-Generator
  ☆34Updated last month
• dmcxblue / NtCreateUserProcessBOF
  An Aggressor Script that utilizes NtCreateUserProcess to run binaries
  ☆27Updated 3 months ago
• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆29Updated last year
• ibaiC / FriendlyFireBOF
  A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.
  ☆47Updated last month
• Karkas66 / EarlyCascadeImprooved
  an Improoved Version of 0xNinjaCyclone´s EarlyCascade Code
  ☆19Updated 2 months ago
• 0xflagplz / Xll-Payload-Generator
  Excel Add In Payload Generator
  ☆11Updated last year
• OtterHacker / Cerbere
  ☆48Updated 2 years ago
• waawaa / Hooked-Injector
  Hooked create process injection for meterpreter
  ☆23Updated 3 years ago
• EspressoCake / ReadRemoteProcessCommandline_BOF
  ☆26Updated last year
• NoahKirchner / speedloader
  Rust template/library for implementing your own COFF loader
  ☆50Updated 3 months ago
• ZephrFish / ADFSDump-PS
  PowerShell Implementation of ADFSDump to assist with GoldenSAML
  ☆31Updated 3 weeks ago
• 0xv1n / Havoc-ProfileGenerator
  malleable profile generator GUI for Havoc
  ☆55Updated 2 years ago
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆24Updated 7 months ago
• nbaertsch / PoolProxy
  Proxy function calls through the thread pool with ease
  ☆27Updated 2 months ago
• 0xEr3bus / ShadowForgeC2
  ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.
  ☆47Updated last year