Alternatives and similar repositories for WMEye

Users that are interested in WMEye are comparing it to the libraries listed below

• S3cur3Th1sSh1t / MultiPotato

  View on GitHub
  ☆539Nov 20, 2021Updated 4 years ago
• improsec / SharpEventPersist

  View on GitHub
  Persistence by writing/reading shellcode from Event Log
  ☆378May 27, 2022Updated 3 years ago
• pwn1sher / frostbyte

  View on GitHub
  FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads
  ☆386Apr 16, 2022Updated 3 years ago
• Kudaes / Elevator

  View on GitHub
  UAC bypass by abusing RPC and debug objects.
  ☆629Oct 19, 2023Updated 2 years ago
• cube0x0 / KrbRelay

  View on GitHub
  Framework for Kerberos relaying
  ☆939May 29, 2022Updated 3 years ago
• boku7 / BokuLoader

  View on GitHub
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆1,398Nov 22, 2023Updated 2 years ago
• iomoath / SharpStrike

  View on GitHub
  A Post exploitation tool written in C# uses either CIM or WMI to query remote systems.
  ☆200Sep 21, 2021Updated 4 years ago
• outflanknl / C2-Tool-Collection

  View on GitHub
  A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…
  ☆1,364Oct 27, 2023Updated 2 years ago
• kyleavery / inject-assembly

  View on GitHub
  Inject .NET assemblies into an existing process
  ☆508Jan 19, 2022Updated 4 years ago
• EspressoCake / PPLDump_BOF

  View on GitHub
  A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.
  ☆143Sep 24, 2021Updated 4 years ago
• S3cur3Th1sSh1t / SharpImpersonation

  View on GitHub
  A User Impersonation tool - via Token or Shellcode injection
  ☆422May 21, 2022Updated 3 years ago
• med0x2e / NTLMRelay2Self

  View on GitHub
  An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).
  ☆417Jan 27, 2024Updated 2 years ago
• nettitude / SharpWSUS

  View on GitHub
  ☆477Nov 20, 2022Updated 3 years ago
• daem0nc0re / TangledWinExec

  View on GitHub
  PoCs and tools for investigation of Windows process execution techniques
  ☆953Feb 2, 2026Updated last week
• fortra / nanodump

  View on GitHub
  The swiss army knife of LSASS dumping
  ☆2,069Sep 17, 2024Updated last year
• 0xthirteen / SharpMove

  View on GitHub
  .NET Project for performing Authenticated Remote Execution
  ☆406Feb 8, 2023Updated 3 years ago
• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,004Jun 4, 2024Updated last year
• waldo-irc / YouMayPasser

  View on GitHub
  You shall pass
  ☆271Jul 16, 2022Updated 3 years ago
• Hagrid29 / DuplicateDump

  View on GitHub
  Dumping LSASS with a duplicated handle from custom LSA plugin
  ☆204Feb 23, 2022Updated 3 years ago
• CCob / lsarelayx

  View on GitHub
  NTLM relaying for Windows made easy
  ☆579Apr 25, 2023Updated 2 years ago
• Henkru / cs-token-vault

  View on GitHub
  In-memory token vault BOF for Cobalt Strike
  ☆149Aug 18, 2022Updated 3 years ago
• Cracked5pider / KaynLdr

  View on GitHub
  KaynLdr is a Reflective Loader written in C/ASM
  ☆555Dec 3, 2023Updated 2 years ago
• hlldz / RefleXXion

  View on GitHub
  RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, …
  ☆502Jan 25, 2022Updated 4 years ago
• 0xsp-SRD / mortar

  View on GitHub
  evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
  ☆1,495Dec 21, 2023Updated 2 years ago
• klezVirus / CandyPotato

  View on GitHub
  Pure C++, weaponized, fully automated implementation of RottenPotatoNG
  ☆313Sep 16, 2021Updated 4 years ago
• icyguider / DumpNParse

  View on GitHub
  A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0.
  ☆152Nov 21, 2021Updated 4 years ago
• xforcered / BokuLoader

  View on GitHub
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆336Jul 20, 2024Updated last year
• GhostPack / Koh

  View on GitHub
  The Token Stealer
  ☆510Jul 13, 2022Updated 3 years ago
• oXis / GPUSleep

  View on GitHub
  Move CS beacon to GPU memory when sleeping
  ☆251Nov 19, 2021Updated 4 years ago
• nettitude / MalSCCM

  View on GitHub
  ☆252Sep 28, 2023Updated 2 years ago
• sailay1996 / CdpSvcLPE

  View on GitHub
  Windows Local Privilege Escalation via CdpSvc service (Writeable SYSTEM path Dll Hijacking)
  ☆254Sep 15, 2022Updated 3 years ago
• itm4n / PPLdump

  View on GitHub
  Dump the memory of a PPL with a userland exploit
  ☆891Jul 24, 2022Updated 3 years ago
• Octoberfest7 / EventViewerUAC_BOF

  View on GitHub
  Beacon Object File implementation of Event Viewer deserialization UAC bypass
  ☆133May 6, 2022Updated 3 years ago
• optiv / Ivy

  View on GitHub
  Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …
  ☆747Aug 18, 2023Updated 2 years ago
• boku7 / spawn

  View on GitHub
  Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…
  ☆469Mar 8, 2023Updated 2 years ago
• RedSiege / PersistAssist

  View on GitHub
  Fully modular persistence framework
  ☆258Apr 10, 2023Updated 2 years ago
• knight0x07 / ImpulsiveDLLHijack

  View on GitHub
  C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can…
  ☆548Sep 15, 2021Updated 4 years ago
• zcgonvh / EfsPotato

  View on GitHub
  Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).
  ☆817Dec 14, 2023Updated 2 years ago
• optiv / Dent

  View on GitHub
  A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.
  ☆297Aug 18, 2023Updated 2 years ago