Alternatives and similar repositories for kong-loader

Users that are interested in kong-loader are comparing it to the libraries listed below

• rasta-mouse / LibGate

  View on GitHub
  A Crystal Palace shared library to resolve & perform syscalls
  ☆56Oct 29, 2025Updated 3 months ago
• aniko33 / AlcatrazLdr

  View on GitHub
  Evasive shellcode loader with indirect syscalls, Thread name-calling allocation, PoolParty injection
  ☆10Feb 26, 2025Updated 11 months ago
• jsecu / ModTask

  View on GitHub
  ☆53Sep 23, 2025Updated 4 months ago
• tijme / nimplant-beacon-position-independent-c-code

  View on GitHub
  A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.
  ☆66Feb 11, 2025Updated last year
• paranoidninja / BRC4-BOF-Artillery

  View on GitHub
  ☆145Nov 6, 2025Updated 3 months ago
• 0xsh3llf1r3 / ColdWer

  View on GitHub
  Cobalt Strike BOF to freeze EDR/AV processes and dump LSASS using WerFaultSecure.exe PPL bypass
  ☆74Jan 29, 2026Updated 2 weeks ago
• NoahKirchner / speedloader

  View on GitHub
  Rust template/library for implementing your own COFF loader
  ☆71Jan 27, 2025Updated last year
• zero2504 / Early-Cryo-Bird-Injections

  View on GitHub
  Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects
  ☆135Apr 6, 2025Updated 10 months ago
• Ridter / netsync

  View on GitHub
  Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.
  ☆62Feb 25, 2025Updated 11 months ago
• gsmith257-cyber / better-sliver

  View on GitHub
  Adversary Emulation Framework
  ☆129Jul 1, 2025Updated 7 months ago
• tijme / relocatable

  View on GitHub
  Boilerplate to develop raw and truly Position Independent Code (PIC).
  ☆116Jan 20, 2025Updated last year
• NtDallas / Draugr

  View on GitHub
  BOF with Synthetic Stackframe
  ☆220Oct 30, 2025Updated 3 months ago
• fin3ss3g0d / StoneKeeper

  View on GitHub
  StoneKeeper C2, an experimental EDR evasion framework for research purposes
  ☆208Dec 25, 2024Updated last year
• whokilleddb / sinister-vsix

  View on GitHub
  Blog/Journal on how to backdoor VSCode extensions
  ☆76Updated this week
• xforcered / ForsHops

  View on GitHub
  ForsHops
  ☆152Mar 25, 2025Updated 10 months ago
• 0xHossam / HuffLoader

  View on GitHub
  Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.
  ☆282Apr 6, 2025Updated 10 months ago
• dobin / SuperMega

  View on GitHub
  Stealthily inject shellcode into an executable
  ☆445Oct 19, 2025Updated 3 months ago
• smokeme / asar-backdoor

  View on GitHub
  ☆33Mar 19, 2025Updated 10 months ago
• Azr43lKn1ght / Rusty-PE-Packer

  View on GitHub
  A robust Windows Process Executable Packer and Launcher implementation written in Rust for Windows x64 systems.
  ☆42Jan 9, 2025Updated last year
• dmcxblue / PyObscura

  View on GitHub
  A python script that automates a C2 Profile build
  ☆48Dec 14, 2025Updated last month
• EspressoCake / ADIDNS_Parser

  View on GitHub
  Parser and reconciliation tooling for large Active Directory environments.
  ☆33Feb 18, 2025Updated 11 months ago
• Teach2Breach / hollow_rs

  View on GitHub
  A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.
  ☆30Feb 7, 2025Updated last year
• affix / rusty-hollow

  View on GitHub
  Unix Process hollowing in rust
  ☆22Dec 16, 2024Updated last year
• whokilleddb / funcshenanigans

  View on GitHub
  A bunch of shenanigans using functions, VEH and more
  ☆37Jun 8, 2025Updated 8 months ago
• synacktiv / sccmsqlclient

  View on GitHub
  ☆26Aug 5, 2025Updated 6 months ago
• akamai / Mirage

  View on GitHub
  Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
  ☆104Feb 25, 2025Updated 11 months ago
• joaoviictorti / coffeeldr

  View on GitHub
  A COFF Loader written in Rust
  ☆135Dec 1, 2025Updated 2 months ago
• I3IT / Detect.Remote.ShadowSnapshot.Dump

  View on GitHub
  Detect Remote Local Credentials Dumping using a Shadow Snapshot
  ☆31Jan 27, 2025Updated last year
• Meowmycks / koneko

  View on GitHub
  Robust Cobalt Strike shellcode loader with multiple advanced evasion features
  ☆199Apr 21, 2025Updated 9 months ago
• JayGLXR / RustyMirage

  View on GitHub
  A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
  ☆38Mar 6, 2025Updated 11 months ago
• vmsplit / nebula

  View on GitHub
  arm64 linux position-independent shellcode framework
  ☆29Dec 12, 2025Updated 2 months ago
• WKL-Sec / FuncAddressPro

  View on GitHub
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆72Mar 6, 2024Updated last year
• Teach2Breach / noldr

  View on GitHub
  Dynamically resolve API function addresses at runtime in a secure manner.
  ☆72Nov 11, 2025Updated 3 months ago
• silentwarble / hbin_template

  View on GitHub
  Post-Ex BOF tooling for Hannibal
  ☆24Nov 20, 2024Updated last year
• LuemmelSec / PMP-Decrypter

  View on GitHub
  ☆41Sep 9, 2023Updated 2 years ago
• MythicAgents / forge

  View on GitHub
  Command Augmentation support for BOFs and .NET assemblies across agents
  ☆38Jan 12, 2026Updated last month
• CroodSolutions / BypassIT

  View on GitHub
  BypassIT is a framework for covert malware delivery and post-exploitation using AutoIT for red / blue team self assessment.
  ☆45Jul 6, 2025Updated 7 months ago
• rad9800 / FileRenameJunctionsEDRDisable

  View on GitHub
  ☆159Dec 13, 2024Updated last year
• Hubbl3 / ThreatCheck

  View on GitHub
  Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.
  ☆12May 17, 2024Updated last year