Alternatives and similar repositories for FileWrite2system

Users that are interested in FileWrite2system are comparing it to the libraries listed below

• panagioto / SyscallHide
  Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.
  ☆77Updated 5 years ago
• S3cur3Th1sSh1t / SharpByeBear
  AppXSVC Service race condition - privilege escalation
  ☆28Updated 6 years ago
• tomcarver16 / SimpleInjector
  A simple injector that uses LoadLibraryA
  ☆18Updated 5 years ago
• padovah4ck / RedSharp
  Penetration Test / Read Team - C# tools repository
  ☆57Updated 3 years ago
• vletoux / OxidBindings
  Extract all IP of a computer using DCOM without authentication (aka detect network used for administration)
  ☆26Updated 5 years ago
• slyd0g / SK8RAT
  C++ implant that interfaces with a SK8PARK server
  ☆49Updated 4 years ago
• slyd0g / SK8PARK
  Python 3 server used to control SK8RAT implant
  ☆36Updated 4 years ago
• S3cur3Th1sSh1t / SharpPolarBear
  Privesc through import of Sheduled tasks + Hardlinks - CVE-2019-1069
  ☆36Updated 6 years ago
• rasta-mouse / AMSITrigger
  The Hunt for Malicious Strings
  ☆13Updated 4 years ago
• jfmaes / Backdoorplz
  adding a backdooruser using win32api
  ☆80Updated 4 years ago
• OccamsXor / sim-ba
  (Sim)ulate (Ba)zar Loader
  ☆29Updated 4 years ago
• N4kedTurtle / LocalDllParse
  ☆55Updated 3 years ago
• ethereal-vx / Persistence
  Recreating and reviewing the Windows persistence methods
  ☆39Updated 3 years ago
• 5h3r10ck / antivirus-evasion
  Applying some AV evasion techniques on a metasploit reverse shell
  ☆18Updated 4 years ago
• sneakerhax / C2PE
  Red Team C2 and Post Exploitation code
  ☆36Updated 3 weeks ago
• fashionproof / CheckSafeBoot
  I used this to see if an EDR is running in Safe Mode
  ☆37Updated 4 years ago
• jfmaes / SharpXOR
  XOR crypt/decrypt using C#
  ☆12Updated 4 years ago
• checkymander / CoreSploit
  Initial Commit of Coresploit
  ☆56Updated 3 years ago
• boku7 / x64win-AddRdpAdminShellcode
  64bit Windows 10 shellcode that adds user BOKU:SP3C1ALM0V3 to the system and the localgroups Administrators & "Remote Desktop Users"
  ☆40Updated 4 years ago
• aahmad097 / BadOutlook
  (kinda) Malicious Outlook Reader
  ☆136Updated 4 years ago
• rmdavy / HeapsOfFun
  AMSI Bypass Via the Heap
  ☆107Updated 4 years ago
• RedLectroid / APIunhooker
  C++ function that will automagically unhook a specified Windows API
  ☆63Updated 4 years ago
• wsummerhill / Malware_Weaponization
  A curated list of tools and techniques written from experience in weaponization of malware
  ☆37Updated last year
• mobdk / WinBoost
  Execute Mimikatz with different technique
  ☆51Updated 3 years ago
• boku7 / HellsGatePPID
  Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process
  ☆103Updated 2 years ago
• CCob / PwnyForm
  ☆48Updated 4 years ago
• two06 / AMSI_Handler
  Automate AV evasion by calling AMSI
  ☆88Updated 2 years ago
• cobbr / C2Bridge
  C2Bridges allow developers to create new custom communication protocols and quickly utilize them within Covenant.
  ☆69Updated 4 years ago
• SolomonSklash / UnhookingPOC
  A small commented POC for removing API hooks placed by AV/EDR.
  ☆34Updated 5 years ago
• warferik / CVE-2019-3980
  ☆18Updated 4 years ago