Alternatives and similar repositories for PersistantService:

Users that are interested in PersistantService are comparing it to the libraries listed below

• Yaxser / Itaskhandler
  Implementation of ITaskHandler in C++
  ☆13Updated last year
• Ap3x / COFF-Loader
  A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader
  ☆41Updated last year
• Hagrid29 / herpaderply_hollowing
  Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping
  ☆45Updated 2 years ago
• 0xMegaByte / COM-Explained
  ☆27Updated 2 years ago
• benheise / TitanLdr
  Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH
  ☆44Updated 3 years ago
• florylsk / NtDump
  Indirect NT syscalls LSASS dumper.
  ☆40Updated last year
• NUL0x4C / ManualRsrcDataFetching
  Get your data from the resource section manually, with no need for windows apis
  ☆56Updated 2 months ago
• PorLaCola25 / PPID-Spoofing
  POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…
  ☆39Updated 3 years ago
• whokilleddb / A-Study-in-Obfuscation
  A Study in Obfuscation: Analyzing the effect of various techniques to bypass AV engines
  ☆41Updated 2 years ago
• SaadAhla / BlockNonMSModules
  Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules
  ☆42Updated last year
• CodeXTF2 / BusySleepBeacon
  This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…
  ☆32Updated 3 years ago
• bananabr / Givemeahand
  A PoC tool for exploiting leaked process and thread handles
  ☆30Updated 11 months ago
• ctxis / DynamicWrapperEx
  x64 Registration-Free In-Process COM Automation Server.
  ☆48Updated 2 years ago
• lab52io / StealAllTokens
  This PoC uses two diferent technics for stealing the primary token from all running processes, showing that is possible to impersonate a…
  ☆56Updated 3 years ago
• realoriginal / bootdoor
  An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot
  ☆61Updated last year
• fin3ss3g0d / HookFinder
  Simple PoC to locate hooked functions by EDR in ntdll.dll
  ☆36Updated last year
• zodiacon / VerifierDLL
  Example of building an application verifer DLL
  ☆44Updated 7 months ago
• SolomonSklash / netntlm
  A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP
  ☆33Updated 3 years ago
• LethalSnake1337 / PE-Loader-exercise
  A simple PE loader.
  ☆25Updated 2 years ago
• oldboy21 / SWAPPALA
  In-memory hiding technique
  ☆45Updated last week
• realoriginal / doublepulsar
  An unfinished DOUBLEPULSAR clone. Set to be redone at a later date
  ☆15Updated last year
• hackerhouse-opensource / envschtasksuacbypass
  Bypass UAC elevation on Windows 8 (build 9600) & above.
  ☆54Updated 2 years ago
• Wra7h / PEResourceInject
  ☆54Updated 2 years ago
• AlionGreen / apc-injection
  Process Injection: APC Injection
  ☆29Updated 4 years ago
• arsium / PELoader
  ☆20Updated last year
• rbmm / RtlClone
  ☆27Updated 6 months ago
• Dump-GUY / sc2pe
  Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE
  ☆65Updated last year