Alternatives and similar repositories for SharpObfuscate

Users that are interested in SharpObfuscate are comparing it to the libraries listed below

• ricardojoserf / NativeNtdllRemap
  Remap ntdll.dll using only NTAPI functions with a suspended process
  ☆21Updated last month
• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆17Updated last year
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆24Updated 7 months ago
• Quack2332 / Simple-.NET-Obfuscator-PoC
  ☆20Updated 11 months ago
• Offensive-Panda / WPM-MAJIC-ENTRY-POINT-INJECTION
  This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…
  ☆16Updated 6 months ago
• hackerhouse-opensource / Gigabyte_ElevatePersist
  Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…
  ☆31Updated 2 years ago
• EvilBytecode / Amsi-Patch-Updated-2025
  How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.
  ☆17Updated 3 weeks ago
• thiagomayllart / DarkMelkor
  Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.
  ☆28Updated 3 years ago
• EvilBytecode / Evilbytecode-Gate
  Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…
  ☆21Updated 3 weeks ago
• KingOfTheNOPs / EnableWebDAVClient-BOF
  Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts
  ☆21Updated last year
• atabetnouhaila / API-hashing
  ☆18Updated 7 months ago
• waawaa / Hooked-Injector
  Hooked create process injection for meterpreter
  ☆23Updated 3 years ago
• D4rthMaulCop / DarthNetLoader
  ☆15Updated last year
• ricardojoserf / SharpSelfDelete
  PoC to self-delete a binary in C#
  ☆32Updated last year
• zimnyaa / smbsocks
  A simple rpc2socks alternative in pure Go.
  ☆28Updated 10 months ago
• rbmm / ARL
  ☆24Updated 3 months ago
• dmcxblue / NtCreateUserProcessBOF
  An Aggressor Script that utilizes NtCreateUserProcess to run binaries
  ☆27Updated 3 months ago
• VirtualAlllocEx / Create_Thread_Inline_Assembly_x86
  This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly
  ☆18Updated 2 years ago
• ChoiSG / havoc2nginx
  havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…
  ☆11Updated 2 years ago
• GeorgePatsias / PayloadFactory
  C# implementation of Shellcode delivery techniques using PInvoke and DInvoke variations for API calling.
  ☆35Updated 3 years ago
• EvilBytecode / PPID-Spoofing
  Parent Process ID Spoofing, coded in CGo.
  ☆21Updated 3 weeks ago
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆32Updated last year
• FalconForceTeam / bof-winrm-plugin-jump
  ☆27Updated 3 months ago
• G0ldenGunSec / DayBird
  Extension functionality for the NightHawk operator client
  ☆27Updated last year
• farfella / in-memory-cpython
  An In-memory Embedding of CPython
  ☆28Updated 3 years ago
• paranoidninja / DotNetTracer
  C code to enable ETW tracing for Dotnet Assemblies
  ☆31Updated 2 years ago
• passthehashbrowns / DInvokeProcessHollowing
  ☆28Updated 4 years ago
• octopwn / wsnet-dotnet
  ☆13Updated 4 months ago
• sudonoodle / Aggressor-NTFY
  Cobalt Strike notifications via NTFY.
  ☆13Updated 7 months ago
• xforcered / DayBird
  Extension functionality for the NightHawk operator client
  ☆27Updated last year