Alternatives and similar repositories for com-research:

Users that are interested in com-research are comparing it to the libraries listed below

• rbmm / SDD
  Self Delete DLL
  ☆23Updated 11 months ago
• Octoberfest7 / Proxy_Egress_Persistence
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆32Updated 2 years ago
• thesnoom / extps-cobalt-strike-bof
  Extended Process List (Search functionality)
  ☆29Updated 4 years ago
• thalpius / Microsoft-Defender-for-Identity-Encrypted-Password
  ☆35Updated 8 months ago
• N4kedTurtle / SharpTeamsDump
  Dump Teams conversations
  ☆18Updated 3 years ago
• s4dbrd / ETWReader
  Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich
  ☆14Updated 7 months ago
• xforcered / AdvSim.Cryptography
  Simple and sane cryptographic wrapper library.
  ☆26Updated last year
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆42Updated last year
• m8sec / EAPrimer
  C# project to Reflectively load .Net assemblies in memory
  ☆17Updated 7 months ago
• SolomonSklash / netntlm
  A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP
  ☆33Updated 3 years ago
• realoriginal / krbdump
  A way to extract tickets in case I need to purge and restore tickets on the fly.
  ☆17Updated 9 months ago
• Meckazin / HidingFromETW
  PoC for detecting and evading ETW detection of .Net Assembly.Load
  ☆18Updated 4 years ago
• janoglezcampos / FindItByCalls
  Hacky code for extracting calls in DLLs by function
  ☆14Updated 2 years ago
• Allevon412 / BreadManModuleStomping
  ☆42Updated last year
• waawaa / Hooked-Injector
  Hooked create process injection for meterpreter
  ☆23Updated 3 years ago
• sakkis91 / SandboxPPL
  Golang PoC that sandboxes Defender (or other PPL) by setting its token integrity to Untrusted.
  ☆11Updated 2 years ago
• KingOfTheNOPs / EnableWebDAVClient-BOF
  Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts
  ☆17Updated last year
• RobinFassinaMoschiniForks / TransitionalPeriod
  Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits
  ☆28Updated 2 years ago
• tomcarver16 / Athena
  An injector that aims to be stealthy by using non suspicious API calls. Inspired by (https://github.com/FuzzySecurity/Sharp-Suite/tree/ma…
  ☆24Updated 4 years ago
• G0ldenGunSec / DayBird
  Extension functionality for the NightHawk operator client
  ☆26Updated last year
• waldo-irc / JYang
  ☆14Updated 2 years ago
• thiagomayllart / DarkMelkor
  Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.
  ☆27Updated 3 years ago
• paranoidninja / DotNetTracer
  C code to enable ETW tracing for Dotnet Assemblies
  ☆30Updated 2 years ago
• houseofint3 / windows-ps-callbacks-experiments
  Files for http://blog.deniable.org/posts/windows-callbacks/
  ☆12Updated 2 years ago
• hotnops / COM_Mapper
  A tool to create COM class/interface relationships in neo4j
  ☆47Updated 2 years ago
• Allevon412 / BenignHunter
  ☆16Updated 6 months ago
• kartikdurg / Enum-LSASS
  LSASS enumeration like pypykatz written in C-Lang
  ☆20Updated 3 years ago
• Adepts-Of-0xCC / SnoopyOwl
  ☆46Updated 3 years ago
• Allevon412 / BreadBear
  A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/
  ☆30Updated 11 months ago
• SolomonSklash / SeasideBishop
  A C port of b33f's UrbanBishop
  ☆38Updated 4 years ago