Alternatives and similar repositories for gui-pwn

Users that are interested in gui-pwn are comparing it to the libraries listed below

• D4rthMaulCop / DumpKernel-S1
  A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80
  ☆20Updated 2 months ago
• xelemental / Mal-LNK-Generator
  ☆34Updated 3 months ago
• HullaBrian / COMmander
  .NET tool used to enrich RPC telemetry
  ☆63Updated 2 weeks ago
• G0ldenGunSec / DayBird
  Extension functionality for the NightHawk operator client
  ☆27Updated last year
• kapellos / LNKSmuggler
  A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.
  ☆50Updated 5 months ago
• nbaertsch / Shrike
  Hunting and injecting RWX 'mockingjay' DLLs in pure nim
  ☆59Updated 6 months ago
• nbaertsch / PoolProxy
  Proxy function calls through the thread pool with ease
  ☆28Updated 4 months ago
• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆17Updated last year
• OffenseTeacher / Steganim
  ☆48Updated 2 years ago
• gerbsec / SmokeyObfuscator
  Rewrite to fit my needs
  ☆28Updated 11 months ago
• Tylous / Dent
  A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.
  ☆15Updated 2 years ago
• susMdT / AceLdr
  Cobalt Strike UDRL for memory scanner evasion.
  ☆52Updated last year
• EspressoCake / DefenderPathExclusions
  Creation and removal of Defender path exclusions and exceptions in C#.
  ☆31Updated last year
• Krypteria / Proxll
  Tool designed to simplify the generation of proxy DLLs while addressing common conflicts related to windows.h
  ☆38Updated 8 months ago
• ricardojoserf / NativeNtdllRemap
  Remap ntdll.dll using only NTAPI functions with a suspended process
  ☆21Updated 2 months ago
• cbrnrd / maliketh
  🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python
  ☆45Updated last year
• zero2504 / FrostLock-Injection
  FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…
  ☆25Updated 2 months ago
• cybersectroll / TrollDisappearKey
  ☆44Updated 3 weeks ago
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆41Updated 7 months ago
• casp3r0x0 / CortexRansomBypass
  Cortex EDR Ransomware protection Bypass
  ☆24Updated 4 months ago
• Karkas66 / EarlyCascadeImprooved
  an Improoved Version of 0xNinjaCyclone´s EarlyCascade Code
  ☆19Updated 4 months ago
• dmcxblue / NtCreateUserProcessBOF
  An Aggressor Script that utilizes NtCreateUserProcess to run binaries
  ☆30Updated 4 months ago
• tijme / kong-loader
  Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…
  ☆28Updated 2 months ago
• Slowerzs / CryptDecryptMemory
  ☆30Updated 6 months ago
• MaorSabag / Paruns-Fart
  Just another ntdll unhooking using Parun's Fart technique
  ☆75Updated 2 years ago
• sagiol / Terms-of-What
  Terms of Use Conditional Access M365 Evilginx Phishlet
  ☆37Updated this week
• persistent-security / hermes-the-messenger
  A PoC for achieving persistence via push notifications on Windows
  ☆46Updated 2 years ago
• cyndicatelabs / brc4_profile_maker
  An interactive TUI tool to create Brute Ratel C4 profiles based on BURP browsing data.
  ☆24Updated last month
• 0xflagplz / Xll-Payload-Generator
  Excel Add In Payload Generator
  ☆11Updated last year
• Fitretech-Security / dylight
  macOS dylib stager
  ☆35Updated 5 months ago