Alternatives and similar repositories for FakeTLS:

Users that are interested in FakeTLS are comparing it to the libraries listed below

• evilashz / PigSyscall
  An implementation of an indirect system call
  ☆119Updated last year
• fern89 / C2
  A basic C2 framework written in C
  ☆58Updated 6 months ago
• aplyc1a / PEMemoryLoader
  Load static-compiled PE from remote server.
  ☆59Updated 3 years ago
• Hagrid29 / BYOVDKit
  bring your own vulnerable driver
  ☆90Updated last year
• bestspear / ReBeacon_ForClang
  Beacon compiled using clang
  ☆63Updated 2 years ago
• waawaa / breakcyserver
  ☆46Updated 2 years ago
• capt-meelo / NtCreateUserProcess
  Minimal PoC developed as discuss in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html
  ☆129Updated 2 years ago
• crisprss / Extracted_WD_VDM
  Windows Defender VDM lua collections
  ☆48Updated 2 years ago
• alfarom256 / StinkyLoader
  It stinks
  ☆101Updated 2 years ago
• hackerhouse-opensource / ColorDataProxyUACBypass
  Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…
  ☆137Updated 2 years ago
• NUL0x4C / Syscallslib
  a library that automates some clean syscalls to make it easier to implement
  ☆84Updated 2 years ago
• MahmoudZohdy / APICallProxy
  Windows API Call Obfuscation
  ☆99Updated 2 years ago
• killvxk / awesome-C2
  C2
  ☆85Updated 2 weeks ago
• aaaddress1 / sakeInject
  Windows PE - TLS (Thread Local Storage) Injector in C/C++
  ☆105Updated 4 years ago
• joe-desimone / patriot
  ☆132Updated 2 years ago
• RedTeamOperations / VEH-PoC
  ☆110Updated 2 years ago
• ASkyeye / FilelessRemotePE
  Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique
  ☆61Updated 2 years ago
• 0x00Check / Amaterasu
  Amaterasu terminates, or inhibits, protected processes such as application control and AV/EDR solutions by leveraging the Sysinternals Pr…
  ☆71Updated 11 months ago
• timwhitez / Doge-sRDI
  Shellcode implementation of Reflective DLL Injection by Golang. Convert DLLs to position independent shellcode
  ☆58Updated 3 years ago
• mdsecactivebreach / ParallelSyscalls
  ☆160Updated 3 years ago
• jdu2600 / EtwTi-FluctuationMonitor
  Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections
  ☆111Updated last year
• killvxk / awesome_shell_loaders
  shellcode-loaders and beacon-loaders
  ☆64Updated last year
• Yaxser / COFFLoader2
  Load and execute COFF files and Cobalt Strike BOFs in-memory
  ☆207Updated 2 years ago
• jdu2600 / CFG-FindHiddenShellcode
  Walks the CFG bitmap to find previously executable but currently hidden shellcode regions
  ☆109Updated last year
• mez-0 / InMemoryNET
  Exploring in-memory execution of .NET
  ☆136Updated 2 years ago
• Mav3rick33 / ZenLdr
  Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature
  ☆98Updated last year
• BeneficialCode / KPPL
  Kill Protected Process Light Process (include av)
  ☆55Updated last year
• scrt / avdebugger
  ☆85Updated 2 years ago
• morph3 / Windows-RPC-Backdoor
  Simple windows rpc server for research purposes only
  ☆82Updated 2 years ago
• AzAgarampur / byeintegrity2-uac
  Bypass UAC by abusing the Internet Explorer Add-on installer
  ☆52Updated 3 years ago