Alternatives and similar repositories for TL-TASK

Users that are interested in TL-TASK are comparing it to the libraries listed below

• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆30Updated last year
• Slowerzs / CryptDecryptMemory
  ☆31Updated last year
• rbmm / Hollowed-Process
  ☆30Updated 5 months ago
• bot984397 / eepy
  ☆38Updated 9 months ago
• mannyfred / MentalTi
  Mentally ill EtwTi parser
  ☆66Updated 3 weeks ago
• CaptainNox / Hypnos
  A more reliable way of resolving syscall numbers in Windows
  ☆54Updated last year
• ricardojoserf / NativeNtdllRemap
  Remap ntdll.dll using only NTAPI functions with a suspended process
  ☆27Updated 9 months ago
• rad9800 / talks
  ☆60Updated 9 months ago
• zzhsec / NlsCodeInjectionThroughRegistry
  Dll injection through code page id modification in registry. Based on jonas lykk research
  ☆17Updated 3 years ago
• Cracked5pider / unguard-eat
  havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets
  ☆42Updated last year
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated last year
• lleon1435 / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆14Updated 2 years ago
• 0xjbb / vehspoof
  Callstack spoofing using a VEH because VEH all the things.
  ☆23Updated 10 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆64Updated last year
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆44Updated last year
• 0xJs / EnumMitigations
  Reports on Driver, LSASS and other security services mitigations
  ☆34Updated 5 months ago
• hlldz / misc
  miscellaneous codes
  ☆36Updated 2 years ago
• passthehashbrowns / VectoredExceptionHandling
  ☆106Updated last year
• waawaa / Hooked-Injector
  Hooked create process injection for meterpreter
  ☆23Updated 4 years ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆50Updated 3 years ago
• nothingspecialforu / EvtPsst
  EvtPsst
  ☆55Updated 2 years ago
• praetorian-inc / swarmer
  A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN
  ☆74Updated 2 weeks ago
• rbmm / SC
  shell code example
  ☆67Updated last month
• hackforyourentertainment / Misery
  Misery Loader to bypass modern EDR solutions
  ☆17Updated last year
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆44Updated 2 years ago
• bohops / COM-to-the-Darkside
  Slides and resources from MCTTP 2025 Talk
  ☆66Updated 3 months ago
• matterpreter / cpuid
  A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class
  ☆27Updated 2 years ago
• JJK96 / PIClin
  From C, Rust or Zig to binary shellcode compiler based on Mingw gcc. It allows using Win32 APIs and standard libraries without any change…
  ☆53Updated 4 months ago
• fern89 / runpe-x64
  RunPE adapted for x64 and written in C, does not use RWX
  ☆28Updated last year
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆39Updated last year