Alternatives and similar repositories for HiveSwarming

Users that are interested in HiveSwarming are comparing it to the libraries listed below

• C5Hackr / c_syscalls
  https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.
  ☆33Updated last year
• MaorSabag / Paruns-Fart
  Just another ntdll unhooking using Parun's Fart technique
  ☆76Updated 2 years ago
• jdu2600 / Get-InjectedThreadEx
  Fork of Get-InjectedThread - https://gist.github.com/jaredcatkinson/23905d34537ce4b5b1818c3e6405c1d2
  ☆50Updated 2 years ago
• Slowerzs / CryptDecryptMemory
  ☆31Updated last year
• rbmm / SDD
  Self Delete DLL
  ☆23Updated last year
• joe-desimone / rep-research
  ☆79Updated last year
• whokilleddb / ETWListicle
  List the ETW provider(s) in the registration table of a process.
  ☆80Updated 2 years ago
• synacktiv / keebcap
  Win32 keylogger that supports all (non-ime using) languages correctly
  ☆53Updated 2 years ago
• naksyn / Embedder
  Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies
  ☆123Updated last year
• SolomonSklash / COM-Hijacking
  An example of COM hijacking using a proxy DLL.
  ☆43Updated 4 years ago
• ricardojoserf / NativeNtdllRemap
  Remap ntdll.dll using only NTAPI functions with a suspended process
  ☆27Updated 9 months ago
• bot984397 / eepy
  ☆38Updated 9 months ago
• OtterHacker / Hooker
  ☆108Updated last year
• m417z / thread-call-stack-scanner
  Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…
  ☆81Updated 7 months ago
• codewhitesec / SysmonEnte
  ☆76Updated 3 years ago
• Teach2Breach / early_cascade_inj_rs
  early cascade injection PoC based on Outflanks blog post, in rust
  ☆62Updated last year
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated last year
• HullaBrian / COMmander
  .NET tool used to enrich RPC telemetry
  ☆101Updated 7 months ago
• ghostbyt3 / BYOVDFinder
  Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.
  ☆74Updated 5 months ago
• passthehashbrowns / VectoredExceptionHandling
  ☆99Updated last year
• dobin / ace-firefist
  Attack chain emulator. Write recipes for initial access easily
  ☆23Updated 10 months ago
• whokilleddb / function-collections
  A collection of PoCs to do common things in unconventional ways
  ☆122Updated 4 months ago
• JJK96 / PIClin
  From C, Rust or Zig to binary shellcode compiler based on Mingw gcc. It allows using Win32 APIs and standard libraries without any change…
  ☆52Updated 3 months ago
• decoder-it / RelabelAbuse
  ☆64Updated last year
• Print3M / epic
  PIC shellcode (C/C++) development toolkit designed for malware developers.
  ☆119Updated 3 weeks ago
• oldboy21 / JayFinder
  Find DLLs with RWX section
  ☆80Updated 2 years ago
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆39Updated last year
• 0xthirteen / rpc2wc
  RPC to WebClient startup
  ☆53Updated 5 months ago
• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆165Updated last year
• ricardojoserf / NativeTokenImpersonate
  Impersonate Tokens using only NTAPI functions
  ☆83Updated 9 months ago