Another BYOVD process killer. works on all EDR's. fully signed.
☆281May 19, 2026Updated last month
Alternatives and similar repositories for PhantomKiller
Users that are interested in PhantomKiller are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A different approach to writing BOFs in rust.☆21Aug 20, 2025Updated 10 months ago
- Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …☆54Nov 2, 2025Updated 8 months ago
- PowerShell implementation for AD CS☆158Mar 2, 2026Updated 4 months ago
- ☆27Aug 11, 2025Updated 10 months ago
- PoC for Acronis Arbitrary File Read - CVE-2022-45451☆18Dec 20, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- takes shellcode bad-bytes and banishes them, returning cleaned shellcode with preserved functionalities☆63Mar 1, 2026Updated 4 months ago
- Proof-of-concept implementation of AI-enabled postex DLLs☆95Sep 10, 2025Updated 9 months ago
- Header-only compile-time variables obfuscation library for C++20 and later. Compiler Support: MSVC (+WDM), Clang, GCC. Architecture Suppo…☆83Jun 21, 2026Updated last week
- remote process injections using pool party techniques☆70Jun 29, 2025Updated last year
- Find jmp gadgets for call stack spoofing.☆84Oct 1, 2025Updated 9 months ago
- ☆20Apr 5, 2025Updated last year
- A living guide to lesser-known and evasive Windows API abuses used in malware, with practical reverse engineering notes, YARA detections,…☆173Oct 27, 2025Updated 8 months ago
- ☆164May 5, 2025Updated last year
- A Cobalt Strike RL built with Crystal Palac; module overloading, NtContinue entry transfer, call stack spoofing, sleep masking, and stati…☆222Mar 15, 2026Updated 3 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆43Dec 4, 2025Updated 7 months ago
- A New Exploitation Technique for Visual Studio Projects☆13Nov 5, 2023Updated 2 years ago
- Decentralized C2 framework built on libp2p☆313Jun 16, 2026Updated 2 weeks ago
- A pointer encryption library intended for Red Team implant design in Rust.☆68Oct 1, 2025Updated 9 months ago
- converts sRDI compatible dlls to shellcode☆39Jan 20, 2025Updated last year
- This repo for Windows x32-x64 Kernel/User Mode Exploitation writeups and exploits☆24Oct 20, 2025Updated 8 months ago
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆88Mar 6, 2025Updated last year
- Proof of concept exploit for Ivanti EPM CVE-2024-13159 and others☆13Feb 19, 2025Updated last year
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆152Feb 10, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆120May 2, 2024Updated 2 years ago
- ☆15Aug 1, 2023Updated 2 years ago
- Valorant C++ color based triggerbot + aimbot using imgui - Peppers0/Valorant-Cheat☆17Nov 10, 2024Updated last year
- This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…☆36Jan 15, 2022Updated 4 years ago
- ☆96Apr 27, 2026Updated 2 months ago
- EventViewer Bypass Uac Bof☆23Jul 23, 2022Updated 3 years ago
- Iterate And Decrypt FNamePool->Entries On Valorant☆13Nov 1, 2023Updated 2 years ago
- A Rust template for writing Beacon Object Files (BOFs)☆128Feb 11, 2026Updated 4 months ago
- 导出coremail联系人☆18Apr 19, 2023Updated 3 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- ForsHops☆154Mar 25, 2025Updated last year
- SafeCrypt is an academic ransomware simulation suite developed for Red Team engagements. It demonstrates modern malware techniques includ…☆34Oct 3, 2025Updated 9 months ago
- Shellcode injection using debugging APIs☆19Jan 13, 2014Updated 12 years ago
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆326Apr 12, 2024Updated 2 years ago
- Golang implementation of Reflective load PE from memory☆62Jan 10, 2022Updated 4 years ago
- early cascade injection PoC based on Outflanks blog post☆241Nov 7, 2024Updated last year
- The ultimate Red Team toolkit for phishing operations.☆74May 15, 2026Updated last month