Alternatives and similar repositories for winsos-poc

Users that are interested in winsos-poc are comparing it to the libraries listed below

• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆58Updated 10 months ago
• reveng007 / AMSI-patches-learned-till-now
  I have documented all of the AMSI patches that I learned till now
  ☆73Updated 3 months ago
• oldboy21 / JayFinder
  Find DLLs with RWX section
  ☆81Updated last year
• naksyn / ProcessStomping
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆148Updated last year
• decoder-it / RelabelAbuse
  ☆61Updated last year
• 0x00Check / ExploitLeakedHandle
  Identify and exploit leaked handles for local privilege escalation.
  ☆108Updated 2 years ago
• passthehashbrowns / Being-A-Good-CLR-Host
  ☆63Updated 5 months ago
• maliciousgroup / RDI-SRDI
  This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".
  ☆86Updated 2 years ago
• klezVirus / RpcProxyInvoke
  Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar
  ☆130Updated 10 months ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆90Updated last year
• Cipher7 / ApexLdr
  ApexLdr is a DLL Payload Loader written in C
  ☆111Updated 11 months ago
• lap1nou / CLR_Heap_encryption
  ☆100Updated last year
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆74Updated 5 months ago
• MEhrn00 / boflink
  Linker for Beacon Object Files
  ☆116Updated this week
• Octoberfest7 / enumhandles_BOF
  ☆125Updated 9 months ago
• carsonchan12345 / CVE-2024-37726-MSI-Center-Local-Privilege-Escalation
  ☆36Updated 6 months ago
• CICADA8-Research / TypeLibWalker
  TypeLib persistence technique
  ☆117Updated 8 months ago
• Dor00tkit / CVE-2024-30090
  CVE-2024-30090 - LPE PoC
  ☆107Updated 8 months ago
• xalicex / LOLDrivers_finder
  ☆86Updated last year
• ewby / Mockingjay_BOF
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆157Updated last year
• Y3A / CVE-2023-28229
  ☆131Updated last year
• safedv / Rustic64Shell
  A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.
  ☆71Updated 2 months ago
• itm4n / PPLrevenant
  Bypass LSA protection using the BYODLL technique
  ☆164Updated 9 months ago
• joaoviictorti / coffeeldr
  A COFF Loader written in Rust
  ☆102Updated this week
• Wh04m1001 / CVE-2023-36723
  ☆67Updated last year
• wolfcod / lsassdump
  lsassdump via RtlCreateProcessReflection and NanoDump
  ☆82Updated 8 months ago
• cybersectroll / SharpPersistSD
  ☆89Updated last year
• Maldev-Academy / Alphabetfuscation
  Convert your shellcode into an ASCII string
  ☆58Updated this week
• pwnsauc3 / RWXfinder
  The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section
  ☆105Updated last year
• ScriptIdiot / sleepmask_PatchlessHook
  Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW
  ☆84Updated 2 years ago