Alternatives and similar repositories for reveng_loader

Users that are interested in reveng_loader are comparing it to the libraries listed below

• reveng007 / DareDevil

  View on GitHub
  Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10
  ☆37Nov 5, 2022Updated 3 years ago
• susMdT / SharpIndirectSyscalls

  View on GitHub
  ☆11Feb 12, 2023Updated 3 years ago
• latortuga71 / GoPELoader

  View on GitHub
  ☆14Aug 22, 2022Updated 3 years ago
• 0xJX / SharpRAT

  View on GitHub
  Group 4 - C# Remote Administrator Tool
  ☆11Feb 18, 2025Updated 11 months ago
• DamonMohammadbagher / NativePayload_PE1

  View on GitHub
  NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R…
  ☆59Jun 6, 2023Updated 2 years ago
• AleksaMCode / AMx64

  View on GitHub
  AMx64 is a simulated 64-bit environment that can interpret nasm-like asm code. It allows a usage of different 64-bit registers and 64-bit…
  ☆22Dec 22, 2023Updated 2 years ago
• XaFF-XaFF / Heap-Injection

  View on GitHub
  Example of C# heap injector for x64 and x86 shellcodes
  ☆14Jan 1, 2023Updated 3 years ago
• Ormicron / csharp-ShellcodeLoader

  View on GitHub
  基于csharp实现的免杀shellcode加载器
  ☆31May 18, 2021Updated 4 years ago
• mis-team / rsockspipe

  View on GitHub
  Tool for pivoting over SMB pipes
  ☆16Jul 20, 2019Updated 6 years ago
• 5tuk0v / PointyTokenz

  View on GitHub
  Windows Access token manipulation tool made in C#
  ☆24Aug 24, 2025Updated 5 months ago
• killvxk / awesome_shell_loaders

  View on GitHub
  shellcode-loaders and beacon-loaders
  ☆72Nov 7, 2023Updated 2 years ago
• 1M50RRY / runpe-native-loader

  View on GitHub
  Loader and RunPE file executer
  ☆18Jun 12, 2019Updated 6 years ago
• Kudaes / CustomEntryPoint

  View on GitHub
  Select any exported function in a dll as the new dll's entry point.
  ☆82Oct 25, 2024Updated last year
• ricardojoserf / NativeNtdllRemap

  View on GitHub
  Remap ntdll.dll using only NTAPI functions with a suspended process
  ☆27Apr 13, 2025Updated 10 months ago
• illera88 / GCC-stealer

  View on GitHub
  Google Chrome Cookies Stealer. Steals Chrome cookies
  ☆48Nov 9, 2023Updated 2 years ago
• reveng007 / reveng_rtkit

  View on GitHub
  Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypa…
  ☆265Dec 6, 2025Updated 2 months ago
• ronin-rb / ronin-payloads

  View on GitHub
  A Ruby micro-framework for writing and running exploit payloads
  ☆23Jan 16, 2026Updated last month
• oldboy21 / CGPL

  View on GitHub
  Yet, Another Packer/Loader
  ☆25Feb 26, 2023Updated 2 years ago
• Ricky5panish / ICMP-Shellcode-Loader

  View on GitHub
  A Golang shellcode loader that receives payloads via ICMP packets from a C2 server to bypass firewalls
  ☆22Apr 12, 2023Updated 2 years ago
• SweetIceLolly / arp_bomber

  View on GitHub
  A program that sends a lot of fake ARP packets to the router. This may kick everyone out of the network!
  ☆22Dec 24, 2019Updated 6 years ago
• 0xv1n / proc-suspend

  View on GitHub
  powershell script i wrote that can suspend an arbitrary process (with limits)
  ☆22Mar 26, 2023Updated 2 years ago
• Dec0ne / PowerSploit

  View on GitHub
  PowerSploit - A PowerShell Post-Exploitation Framework
  ☆22Jun 11, 2022Updated 3 years ago
• rvrsh3ll / DInjector

  View on GitHub
  Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL
  ☆23Aug 27, 2022Updated 3 years ago
• Wra7h / PEResourceInject

  View on GitHub
  ☆60Jun 26, 2022Updated 3 years ago
• Teach2Breach / dev

  View on GitHub
  maldev obviously
  ☆28May 5, 2025Updated 9 months ago
• ProcessusT / HavocHub

  View on GitHub
  PoC for a Havoc agent/handler setup with all C2 traffic routed through GitHub. No direct connections: all commands and responses are rela…
  ☆43Jul 9, 2025Updated 7 months ago
• JBalanza / USBBlocker

  View on GitHub
  C# Service that blocks the computer at unauthorized USB introduction
  ☆25Feb 20, 2020Updated 5 years ago
• WindowsCodeCamp / append_signed_pe

  View on GitHub
  Append custom data to signed pe file and DONOT DESTROY SIGNED STATUS.
  ☆26Mar 13, 2021Updated 4 years ago
• WKL-Sec / StackMask

  View on GitHub
  A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.
  ☆66May 2, 2023Updated 2 years ago
• Idov31 / UdpInspector

  View on GitHub
  Listing UDP connections with remote address without sniffing.
  ☆31Sep 26, 2023Updated 2 years ago
• GetRektBoy724 / ReversePowernoid

  View on GitHub
  Reverse TCP Powershell has never been this paranoid. (basically an Opsec-safe reverse powershell)
  ☆30Feb 4, 2022Updated 4 years ago
• reveng007 / ReflectiveNtdll

  View on GitHub
  A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…
  ☆181Feb 10, 2023Updated 3 years ago
• GetRektBoy724 / JALSI

  View on GitHub
  JALSI - Just Another Lame Shellcode Injector
  ☆30Aug 1, 2021Updated 4 years ago
• cham423 / cs-tools

  View on GitHub
  cobalt strike tools
  ☆31Nov 4, 2021Updated 4 years ago
• x0reaxeax / rwlazer64

  View on GitHub
  Win64 UEFI Driver-based tool for unrestricted memory R/W
  ☆30Feb 8, 2022Updated 4 years ago
• scrt / event_masker

  View on GitHub
  Event Masker is a Splunk streaming command to mask event from search based on a list of rules that contain conditions.
  ☆16Oct 11, 2022Updated 3 years ago
• rainxh11 / ZkTecoFingerPrint

  View on GitHub
  A trimmed down sane API for using ZkTeco fingerprint reader usb devices
  ☆13Nov 20, 2023Updated 2 years ago
• 0prrr / Malwear-Sweet

  View on GitHub
  Malware?
  ☆76Oct 26, 2025Updated 3 months ago
• 0xTriboulet / Revenant

  View on GitHub
  Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
  ☆389Jul 30, 2024Updated last year