Alternatives and similar repositories for WhoamiAlternatives

Users that are interested in WhoamiAlternatives are comparing it to the libraries listed below

• naksyn / ProcessStomping

  View on GitHub
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆148Dec 16, 2023Updated 2 years ago
• cpu0x00 / SharpReflectivePEInjection

  View on GitHub
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆164Jan 4, 2024Updated 2 years ago
• Mr-Un1k0d3r / .NetConfigLoader

  View on GitHub
  .net config loader
  ☆348Nov 9, 2023Updated 2 years ago
• S3cur3Th1sSh1t / SharpVeeamDecryptor

  View on GitHub
  Decrypt Veeam database passwords
  ☆222Dec 8, 2025Updated 2 months ago
• d0ub1ec0d3 / SharpEmailC2

  View on GitHub
  ☆18Nov 23, 2023Updated 2 years ago
• JPG0mez / ADCSync

  View on GitHub
  Use ESC1 to perform a makeshift DCSync and dump hashes
  ☆210Nov 2, 2023Updated 2 years ago
• wh0amitz / SharpRODC

  View on GitHub
  To audit the security of read-only domain controllers
  ☆118Nov 27, 2023Updated 2 years ago
• Bl4ckM1rror / PEAs

  View on GitHub
  ☆61Dec 15, 2023Updated 2 years ago
• sokaRepo / CoercedPotatoRDLL

  View on GitHub
  Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege
  ☆224Nov 23, 2023Updated 2 years ago
• netero1010 / GhostTask

  View on GitHub
  A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
  ☆609Jan 2, 2025Updated last year
• S1lkys / SharpKiller

  View on GitHub
  Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8
  ☆351Aug 29, 2024Updated last year
• antonioCoco / SspiUacBypass

  View on GitHub
  Bypassing UAC with SSPI Datagram Contexts
  ☆460Sep 24, 2023Updated 2 years ago
• EspressoCake / Defender-Exclusions-Creator-BOF

  View on GitHub
  ☆83Nov 1, 2023Updated 2 years ago
• pard0p / CallstackSpoofingPOC

  View on GitHub
  C++ self-Injecting dropper based on various EDR evasion techniques.
  ☆425Feb 11, 2024Updated 2 years ago
• Meowmycks / LetMeowIn

  View on GitHub
  A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.
  ☆442Jul 8, 2024Updated last year
• ElliotKillick / LdrLockLiberator

  View on GitHub
  For when DLLMain is the only way
  ☆423Oct 29, 2024Updated last year
• RedSiege / GraphStrike

  View on GitHub
  Cobalt Strike HTTPS beaconing over Microsoft Graph API
  ☆621Jun 25, 2024Updated last year
• icyguider / LatLoader

  View on GitHub
  PoC module to demonstrate automated lateral movement with the Havoc C2 framework.
  ☆307Dec 9, 2023Updated 2 years ago
• senzee1984 / InflativeLoading

  View on GitHub
  Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.
  ☆325Apr 12, 2024Updated last year
• Cracked5pider / LdrLibraryEx

  View on GitHub
  A small x64 library to load dll's into memory.
  ☆455Nov 6, 2023Updated 2 years ago
• hackerhouse-opensource / Stinger

  View on GitHub
  CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as A…
  ☆300Feb 2, 2026Updated last week
• rasta-mouse / CsWhispers

  View on GitHub
  Source generator to add D/Invoke and indirect syscall methods to a C# project.
  ☆186Mar 4, 2024Updated last year
• dmcxblue / SharpGhostTask

  View on GitHub
  A C# port from Invoke-GhostTask
  ☆119Jan 5, 2024Updated 2 years ago
• fin3ss3g0d / NativeThreadpool

  View on GitHub
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆88Feb 11, 2024Updated 2 years ago
• fortra / No-Consolation

  View on GitHub
  A BOF that runs unmanaged PEs inline
  ☆678Oct 23, 2024Updated last year
• Krypteria / AtlasLdr

  View on GitHub
  Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls
  ☆389Oct 8, 2024Updated last year
• BlackSnufkin / GhostDriver

  View on GitHub
  yet another AV killer tool using BYOVD
  ☆304Dec 12, 2023Updated 2 years ago
• 0xEr3bus / PoolPartyBof

  View on GitHub
  A beacon object file implementation of PoolParty Process Injection Technique.
  ☆432Dec 21, 2023Updated 2 years ago
• ricardojoserf / NativeDump

  View on GitHub
  Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
  ☆698May 7, 2025Updated 9 months ago
• ewby / Mockingjay_BOF

  View on GitHub
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆158Nov 7, 2023Updated 2 years ago
• ricardojoserf / SharpObfuscate

  View on GitHub
  Obfuscate payloads using IPv4, IPv6, MAC or UUID strings
  ☆22Feb 17, 2024Updated last year
• aleenzz / ADExplorerX

  View on GitHub
  ☆46Jun 25, 2024Updated last year
• synacktiv / DLHell

  View on GitHub
  Local & remote Windows DLL Proxying
  ☆170Jun 17, 2024Updated last year
• BlackSnufkin / NovaLdr

  View on GitHub
  Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
  ☆259Jun 29, 2024Updated last year
• Enelg52 / OffensiveGo

  View on GitHub
  Golang weaponization for red teamers.
  ☆516Jan 17, 2024Updated 2 years ago
• Xre0uS / MultiDump

  View on GitHub
  MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
  ☆537Nov 14, 2025Updated 3 months ago
• WKL-Sec / dcomhijack

  View on GitHub
  Lateral Movement Using DCOM and DLL Hijacking
  ☆325Jun 18, 2023Updated 2 years ago
• synacktiv / GPOddity

  View on GitHub
  The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).
  ☆358Dec 13, 2025Updated 2 months ago
• mlcsec / SigFinder

  View on GitHub
  Identify binaries with Authenticode digital signatures signed to an internal CA/domain
  ☆40Feb 6, 2024Updated 2 years ago