☆24Feb 1, 2025Updated last year
Alternatives and similar repositories for ARL
Users that are interested in ARL are comparing it to the libraries listed below
Sorting:
- ☆18Feb 29, 2024Updated 2 years ago
- Threadless shellcode injection tool☆68Aug 5, 2024Updated last year
- RunPE adapted for x64 and written in C, does not use RWX☆28May 18, 2024Updated last year
- ☆31Dec 5, 2024Updated last year
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai…☆76Oct 27, 2025Updated 4 months ago
- ☆38Feb 26, 2025Updated last year
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated last year
- Add Shadow Credentials to a target object by editing their msDS-KeyCredentialLink attribute☆25Jun 5, 2024Updated last year
- Self Delete DLL☆23Feb 15, 2024Updated 2 years ago
- Automated (kinda) deployment of MalRDP infrastructure with Terraform & Ansible☆12Sep 15, 2023Updated 2 years ago
- Parse SDDL strings☆37Apr 1, 2024Updated last year
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Jul 5, 2023Updated 2 years ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- Nemesis agent for Mythic☆28Dec 11, 2025Updated 2 months ago
- ☆31Jul 26, 2024Updated last year
- A public, open source physical security methodology☆47Apr 2, 2024Updated last year
- PoC script to demonstrate collection of SCCM attack paths that can be viewed in BH with OpenGraph☆24Aug 2, 2025Updated 7 months ago
- An improvement and a different approach to Mockingjay Self-Injection.☆35May 21, 2024Updated last year
- A lexer and parser for Sleep☆20Feb 20, 2026Updated last week
- Self delete DLL (2)☆14Feb 15, 2024Updated 2 years ago
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- ☆57Jan 15, 2024Updated 2 years ago
- Template-based generation of shellcode loaders☆80Apr 20, 2024Updated last year
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆65Dec 16, 2023Updated 2 years ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Jul 12, 2024Updated last year
- Click Once + App Domain☆64Feb 23, 2026Updated last week
- Shellcode reflective DLL injection in Rust☆27Dec 26, 2025Updated 2 months ago
- Are you forwarding DNS traffic to another server for some reason, but want to make sure only queries for certain names are passed? Say no…☆20Oct 16, 2022Updated 3 years ago
- ☆24Sep 26, 2021Updated 4 years ago
- Amazing whoami alternatives☆141Mar 23, 2024Updated last year
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆190Mar 4, 2024Updated last year
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆53May 21, 2020Updated 5 years ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆211Jun 10, 2024Updated last year
- ☆83Nov 1, 2023Updated 2 years ago
- Leveraging AWS Lambda Function URLs for C2 Redirection☆45Aug 30, 2023Updated 2 years ago
- ☆44Oct 16, 2023Updated 2 years ago
- Claude MCP server to perform analysis on ROADrecon data☆48Mar 30, 2025Updated 11 months ago
- C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll,kernel32.dll,user32.dll,and kernelbase.dll)☆25Mar 7, 2023Updated 2 years ago
- ☆100Sep 1, 2024Updated last year