Alternatives and similar repositories for beignet

Users that are interested in beignet are comparing it to the libraries listed below

• Octoberfest7 / ThreadCPUAssignment_POC

  View on GitHub
  A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread
  ☆30Sep 24, 2025Updated 4 months ago
• jonny-jhnson / ProcCallback

  View on GitHub
  An example of how a driver can register a handle creation callback.
  ☆16Jun 12, 2023Updated 2 years ago
• ibaiC / FriendlyFireBOF

  View on GitHub
  A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.
  ☆57Apr 14, 2025Updated 10 months ago
• k3idii / CobaltStrike-Tools

  View on GitHub
  Tools for playing w/ CobaltStrike config - extractin, detection, processing, etc...
  ☆28Apr 13, 2023Updated 2 years ago
• JJK96 / PIClin

  View on GitHub
  From C, Rust or Zig to binary shellcode compiler based on Mingw gcc. It allows using Win32 APIs and standard libraries without any change…
  ☆53Sep 22, 2025Updated 4 months ago
• AlmondOffSec / LibTPLoadLib

  View on GitHub
  Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra…
  ☆73Nov 6, 2025Updated 3 months ago
• X1r0z / spring-amqp-deserialization

  View on GitHub
  PoC of Spring AMQP Deserialization Vulnerability (CVE-2023-34050)
  ☆13Jan 29, 2024Updated 2 years ago
• LLVMParty / LLVMCMakeTemplate

  View on GitHub
  Collection of scripts and CMake files to easily link to LLVM into your project (Windows, Linux, macOS).
  ☆43Apr 2, 2025Updated 10 months ago
• Teach2Breach / rust_api_demo

  View on GitHub
  various methods of making API calls
  ☆19Feb 1, 2025Updated last year
• cedowens / Dylib_Runner

  View on GitHub
  Swift code to run a dylib on disk
  ☆16May 9, 2022Updated 3 years ago
• kapellos / LNKSmuggler

  View on GitHub
  A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.
  ☆92Jan 8, 2025Updated last year
• N4kedTurtle / ExecuteAssembly_Mailslot

  View on GitHub
  ☆38Oct 12, 2020Updated 5 years ago
• mdsecresearch / NSAMeetingWithProxyShell

  View on GitHub
  ☆19Sep 15, 2021Updated 4 years ago
• WKL-Sec / slack-udc2

  View on GitHub
  Cobalt Strike UDC2 implementation that provides an Slack C2 channel
  ☆60Jan 5, 2026Updated last month
• ss23 / evilginx2

  View on GitHub
  Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of …
  ☆18Apr 4, 2023Updated 2 years ago
• susMdT / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆52Dec 4, 2023Updated 2 years ago
• NtDallas / Ulfberht

  View on GitHub
  Shellcode loader
  ☆100Nov 24, 2024Updated last year
• dsnezhkov / shutter

  View on GitHub
  ☆124May 12, 2021Updated 4 years ago
• thelikes / slivercloak

  View on GitHub
  PoC framework for Sliver compilation
  ☆22Jan 14, 2025Updated last year
• preludeorg / ThreatIntelligenceConsumer

  View on GitHub
  Demonstrates consuming from a SecurityTrace ETW session by consuming from the Threat-Intelligence ETW provider without a driver or PPL pr…
  ☆63Jan 19, 2026Updated 3 weeks ago
• invictus-0x90 / Docker-C3

  View on GitHub
  Example of running C3 (https://github.com/FSecureLABS/C3) in a Docker container
  ☆27Oct 24, 2021Updated 4 years ago
• zimnyaa / nim-noload-dll-hollowing

  View on GitHub
  Unused DLL hollowing PoC in Nim
  ☆17Jan 31, 2022Updated 4 years ago
• cirosec / warbird-demos

  View on GitHub
  ☆44Nov 7, 2024Updated last year
• 0xjbb / vehspoof

  View on GitHub
  Callstack spoofing using a VEH because VEH all the things.
  ☆23Mar 18, 2025Updated 10 months ago
• MythicAgents / Nimplant

  View on GitHub
  A cross-platform implant written in Nim
  ☆175Mar 6, 2024Updated last year
• Cobalt-Strike / sleepmask-vs

  View on GitHub
  A simple Sleepmask BOF example
  ☆167Nov 24, 2025Updated 2 months ago
• mubix / redteam-collab

  View on GitHub
  Red Team Collaboration Infrastructure
  ☆98Apr 24, 2025Updated 9 months ago
• williamknows / BOF.NET

  View on GitHub
  A .NET Runtime for Cobalt Strike's Beacon Object Files
  ☆90Oct 13, 2024Updated last year
• zyn3rgy / ClickonceHunter

  View on GitHub
  Golang search engine scraper intended for identification of published ClickOnce deployments
  ☆93Nov 19, 2024Updated last year
• ig-labs / defender-mpengine-fuzzing

  View on GitHub
  Fuzzing Harness and Unpatched Crash Results from Fuzzing Defender MpEngine
  ☆39Jul 29, 2025Updated 6 months ago
• ctxis / DynamicWrapperEx

  View on GitHub
  x64 Registration-Free In-Process COM Automation Server.
  ☆51Nov 28, 2022Updated 3 years ago
• nullenc0de / Internal_Pentest

  View on GitHub
  Scripts that automate portions of pentests.
  ☆57Updated this week
• ScriptIdiot / sleepmask_ekko_cfg

  View on GitHub
  Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process
  ☆49Mar 15, 2023Updated 2 years ago
• monoxgas / minibus

  View on GitHub
  Remote code execution in Power Platform connectors via JSON deserialization
  ☆23Mar 30, 2023Updated 2 years ago
• Cobalt-Strike / obfuscator-llvm

  View on GitHub
  ☆57Jan 15, 2024Updated 2 years ago
• LloydLabs / shellcode-plain-sight

  View on GitHub
  Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak
  ☆209Nov 12, 2025Updated 3 months ago
• ColeHouston / theHandler-BOF

  View on GitHub
  Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.
  ☆38Aug 5, 2025Updated 6 months ago
• CUHKJason / BOF-klist

  View on GitHub
  A simple BOF implementation of klist using Windows API
  ☆32Jul 7, 2022Updated 3 years ago
• xforcered / GetWebDAVStatus

  View on GitHub
  Determine if the WebClient Service (WebDAV) is running on a remote system
  ☆27Sep 29, 2021Updated 4 years ago