Alternatives and similar repositories for winhook

Users that are interested in winhook are comparing it to the libraries listed below

• diljith369 / nim4Pentest
  My nim learning experiments
  ☆11Updated 2 years ago
• 17ms / airborne
  Shellcode reflective DLL injection in Rust
  ☆19Updated last year
• shlyuz / teamserver
  ☆12Updated 2 years ago
• scriptchildie / gohellsgate
  Golang Implementation of Hell's gate
  ☆17Updated 2 years ago
• deepinstinct / VSTO-POC
  A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously
  ☆31Updated 2 years ago
• zimnyaa / grpcssh
  A simple reverse ssh/proxy implant PoC for *nix systems.
  ☆54Updated 11 months ago
• Ne0nd0g / go-coff
  Load and execute a common object file format (COFF) in the current process
  ☆29Updated last year
• dxxzero / rusty_drivers
  BYOVD collection
  ☆23Updated last year
• atabetnouhaila / API-hashing
  ☆18Updated 7 months ago
• magisterquis / shelloverreversessh
  A little implant which SSH's back with a shell
  ☆38Updated 3 years ago
• An00bRektn / gopher47
  A third-party Gopher Assassin for the Havoc Framework.
  ☆44Updated last year
• zer1t0 / keydump
  Dump Linux keyrings
  ☆19Updated 10 months ago
• snovvcrash / RemoteRegSave
  A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host
  ☆39Updated last year
• thalpius / Microsoft-Defender-for-Identity-Encrypted-Password
  ☆36Updated last year
• ChoiSG / GwisinMsi
  PoC MSI payload based on ASEC/AhnLab's blog post
  ☆23Updated 2 years ago
• CyberSecurityUP / SyscallHookDetector
  ☆17Updated 7 months ago
• hyp3rlinx / NtFileSins
  Windows File Enumeration Intel Gathering Tool.
  ☆17Updated last year
• Gr1mmie / Coeus
  ADSI based SA tool
  ☆17Updated 3 years ago
• thefLink / Memfiddler
  Executes shellcode from a remote server and aims to evade in-memory scanners
  ☆31Updated 5 years ago
• ricardojoserf / http-protocol-exfil
  Exfiltrate files using the HTTP protocol version ("HTTP/1.0" is a 0 and "HTTP/1.1" is a 1)
  ☆23Updated 3 years ago
• Meckazin / HidingFromETW
  PoC for detecting and evading ETW detection of .Net Assembly.Load
  ☆20Updated 4 years ago
• zimnyaa / PhaseDive
  Sleep Obfuscation
  ☆45Updated 2 years ago
• patrickhener / invictus
  OSED Practice binary
  ☆24Updated last year
• zimnyaa / LEOPARDSEAL
  A simple Linux in-memory .so loader
  ☆30Updated 2 years ago
• Und3rf10w / CobaltStrikeBOFs
  Beacon Object Files used for Cobalt Strike
  ☆19Updated last year
• ChrisPritchard / golang-shellcode-runner
  A shellcode runner / injector / hollower in Go, for windows
  ☆26Updated 3 years ago
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆32Updated last year
• EspressoCake / DefenderPathExclusions
  Creation and removal of Defender path exclusions and exceptions in C#.
  ☆31Updated last year
• Allevon412 / BreadBear
  A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/
  ☆31Updated last year
• Octoberfest7 / Proxy_Egress_Persistence
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆32Updated 2 years ago