Alternatives and similar repositories for go-clr

Users that are interested in go-clr are comparing it to the libraries listed below

• lesnuages / go-execute-assembly

  View on GitHub
  Allow a Go process to dynamically load .NET assemblies
  ☆150Mar 28, 2020Updated 5 years ago
• ayoul3 / reflect-pe

  View on GitHub
  Reflectively load PE
  ☆105Aug 4, 2020Updated 5 years ago
• CCob / goreflect

  View on GitHub
  Reflective DLL loading of your favorite Golang program
  ☆173Jan 27, 2020Updated 6 years ago
• Binject / go-donut

  View on GitHub
  Donut Injector ported to pure Go. For use with https://github.com/TheWover/donut
  ☆357Sep 8, 2022Updated 3 years ago
• Ne0nd0g / go-clr

  View on GitHub
  A PoC package for hosting the CLR and executing .NET from Go
  ☆78Jul 9, 2024Updated last year
• C-Sto / goWMIExec

  View on GitHub
  Really stupid re-implementation of invoke-wmiexec
  ☆217Feb 25, 2023Updated 2 years ago
• aus / gopherheaven

  View on GitHub
  Go implementation of the Heaven's Gate technique
  ☆102Feb 11, 2021Updated 5 years ago
• C-Sto / BananaPhone

  View on GitHub
  It's a go variant of Hells gate! (directly calling windows kernel functions, but from Go!)
  ☆526Oct 12, 2022Updated 3 years ago
• Ne0nd0g / go-shellcode

  View on GitHub
  A repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls o…
  ☆1,169Feb 25, 2023Updated 2 years ago
• Binject / universal

  View on GitHub
  Universal Shared Library User-space Loader
  ☆235May 19, 2022Updated 3 years ago
• C-Sto / encembed

  View on GitHub
  Encrypt embedded go files using age.
  ☆49Oct 21, 2021Updated 4 years ago
• D00MFist / Go4aRun

  View on GitHub
  Shellcode runner in GO that incorporates shellcode encryption, remote process injection, block dlls, and spoofed parent process
  ☆231Jul 30, 2020Updated 5 years ago
• Accenture / CLRvoyance

  View on GitHub
  Managed assembly shellcode generation
  ☆280Mar 19, 2021Updated 4 years ago
• sh4hin / GoPurple

  View on GitHub
  Yet another shellcode runner consists of different techniques for evaluating detection capabilities of endpoint security solutions
  ☆494Apr 1, 2021Updated 4 years ago
• outflanknl / TamperETW

  View on GitHub
  PoC to demonstrate how CLR ETW events can be tampered.
  ☆192Mar 26, 2020Updated 5 years ago
• forrest-orr / phantom-dll-hollower-poc

  View on GitHub
  Phantom DLL hollowing PoC
  ☆370May 23, 2022Updated 3 years ago
• C-Sto / gosecretsdump

  View on GitHub
  Dump ntds.dit really fast
  ☆410Oct 1, 2021Updated 4 years ago
• monoxgas / Koppeling

  View on GitHub
  Adaptive DLL hijacking / dynamic export forwarding
  ☆807Jul 6, 2020Updated 5 years ago
• Ne0nd0g / go-coff

  View on GitHub
  Load and execute a common object file format (COFF) in the current process
  ☆32Mar 9, 2024Updated last year
• Binject / backdoorfactory

  View on GitHub
  A from-scratch rewrite of The Backdoor Factory - a MitM tool for inserting shellcode into all types of binaries on the wire.
  ☆380Aug 13, 2021Updated 4 years ago
• dsnezhkov / typhoon

  View on GitHub
  ☆110May 14, 2018Updated 7 years ago
• CCob / BOF.NET

  View on GitHub
  A .NET Runtime for Cobalt Strike's Beacon Object Files
  ☆770Sep 4, 2024Updated last year
• b4rtik / metasploit-execute-assembly

  View on GitHub
  Custom Metasploit post module to executing a .NET Assembly from Meterpreter session
  ☆348Jul 21, 2020Updated 5 years ago
• capnspacehook / pandorasbox

  View on GitHub
  An intuitive and encrypted in-memory filesystem (VFS)
  ☆101Nov 20, 2025Updated 2 months ago
• bohops / GhostBuild

  View on GitHub
  GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects
  ☆251Sep 26, 2020Updated 5 years ago
• dmchell / Sniper

  View on GitHub
  A simple proof of concept for detecting use of Cobalt Strike's execute-assembly
  ☆59Apr 1, 2022Updated 3 years ago
• wumb0 / rust_bof

  View on GitHub
  Cobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc.
  ☆282Feb 8, 2024Updated 2 years ago
• anthemtotheego / Detect-Hooks

  View on GitHub
  Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR
  ☆158Jul 22, 2021Updated 4 years ago
• audibleblink / getsystem

  View on GitHub
  Small utility package for manipulating Windows process tokens
  ☆26Apr 26, 2022Updated 3 years ago
• Binject / debug

  View on GitHub
  Fork of pkg/debug that adds some additional functionality.
  ☆128Updated this week
• med0x2e / ExecuteAssembly

  View on GitHub
  Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…
  ☆595Jul 26, 2021Updated 4 years ago
• yamakadi / clroxide

  View on GitHub
  A rust library that allows you to host the CLR and execute dotnet binaries.
  ☆235Mar 12, 2025Updated 11 months ago
• jnqpblc / SharpTask

  View on GitHub
  SharpTask is a simple code set to interact with the Task Scheduler service api and is compatible with Cobalt Strike.
  ☆93Feb 15, 2021Updated 5 years ago
• Mr-Un1k0d3r / SCShell

  View on GitHub
  Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
  ☆1,594Jul 10, 2023Updated 2 years ago
• aus / proxyplease

  View on GitHub
  Cross-platform proxy selection with optional native authentication negotiation
  ☆53Feb 25, 2023Updated 2 years ago
• mandiant / DueDLLigence

  View on GitHub
  ☆482Jun 2, 2023Updated 2 years ago
• frkngksl / ParallelNimcalls

  View on GitHub
  Nim version of MDSec's Parallel Syscall PoC
  ☆124Jan 14, 2022Updated 4 years ago
• nettitude / RunPE

  View on GitHub
  C# Reflective loader for unmanaged binaries.
  ☆447Jan 25, 2023Updated 3 years ago
• maxlandon / wiregost

  View on GitHub
  Golang Implant & Post-Exploitation Framework
  ☆60Jun 30, 2023Updated 2 years ago