Alternatives and similar repositories for CannonLoader

Users that are interested in CannonLoader are comparing it to the libraries listed below

• rasta-mouse / SQL-BOF
  Library of BOFs to interact with SQL servers
  ☆23Updated 6 months ago
• 0x3rhy / BypassCredGuard-BOF
  BypassCredGuard CS BOF
  ☆47Updated 9 months ago
• casp3r0x0 / PolymorphicSignature
  A C#-implemented malware that dynamically modifies its own hash upon each execution to evade detection.
  ☆17Updated 8 months ago
• dis0rder0x00 / ParentProcessManipulation-LNK
  Using LNK files and user input simulation to start processes under explorer.exe
  ☆27Updated last year
• 0xTriboulet / scepter-rs
  A hacky way of getting cross-arch/platform support in Cobalt Strike
  ☆38Updated 2 months ago
• kleiton0x00 / RtlHijack
  Alternative Read and Write primitives using Rtl* functions the unintended way.
  ☆76Updated 2 months ago
• EvilBytecode / Amsi-Patch-Updated-2025
  How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.
  ☆24Updated 6 months ago
• EricEsquivel / OpsLoader
  A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader
  ☆43Updated last year
• Teach2Breach / phantom_persist_rs
  Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence
  ☆57Updated 4 months ago
• nickvourd / SugarFree
  Less sugar (entropy) for your binaries
  ☆33Updated last month
• Teach2Breach / snapinject_rs
  A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …
  ☆50Updated 9 months ago
• JayGLXR / Rusty-Stardust
  A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…
  ☆59Updated 7 months ago
• 0xRedpoll / SignalKeyBOF
  BOF to decrypt Signal Desktop chat logs
  ☆73Updated 8 months ago
• cybersectroll / TrollRPC
  ☆50Updated 3 months ago
• ProcessusT / HavocHub
  PoC for a Havoc agent/handler setup with all C2 traffic routed through GitHub. No direct connections: all commands and responses are rela…
  ☆40Updated 3 months ago
• wolfcod / lsassdump
  lsassdump via RtlCreateProcessReflection and NanoDump
  ☆83Updated last year
• FalconForceTeam / bof-winrm-plugin-jump
  ☆31Updated 9 months ago
• c3r3br4t3 / ShadowRDP
  ☆72Updated last year
• MrAle98 / Sliver-CPPImplant2
  Sliver agent rewritten in C++
  ☆48Updated last year
• Shrfnt77 / AmsiBypass
  Bypassing Amsi using LdrLoadDll
  ☆47Updated 9 months ago
• Maldev-Academy / HookingLsassForCredentials
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆52Updated 5 months ago
• HulkOperator / AuthStager
  ☆58Updated last year
• wolfcod / beacondbg
  Beacon Debugger
  ☆55Updated last year
• redr0nin / CVE-2024-38143
  Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability
  ☆24Updated 8 months ago
• entropy-z / PostEx-Arsenal
  Arsenal of modules to beacon postex formats like BOF/Shellcode including: dotnet in memory execution, dumps (wifi, clipboard, screenshot,…
  ☆45Updated last week
• buldansec / EnableEFS
  Enable EFS service as low priv user (PE & BOF)
  ☆20Updated 3 months ago
• maxDcb / C2Implant
  Windows C++ Implant for Exploration C2
  ☆42Updated 2 weeks ago
• cybersectroll / SharpPersistSD
  ☆91Updated last year
• Kryp7os / SharpRBCD
  An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD
  ☆48Updated 7 months ago
• m7rick / Havoc-DLLHijack
  A tool to assist DLL hijacking via the Havoc GUI
  ☆13Updated last year