Alternatives and similar repositories for Zero-Import-Malware

Users that are interested in Zero-Import-Malware are comparing it to the libraries listed below

• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆58Updated 10 months ago
• absholi7ly / CVE-2025-0282-Ivanti-exploit
  CVE-2025-0282 is a critical vulnerability found in Ivanti Connect Secure, allowing Remote Command Execution (RCE) through a buffer overfl…
  ☆47Updated 5 months ago
• duck-sec / CVE-2023-28252-Compiled-exe
  A modification to fortra's CVE-2023-28252 exploit, compiled to exe
  ☆54Updated last year
• WKL-Sec / Winsocky
  Winsocket for Cobalt Strike.
  ☆98Updated last year
• BlackShell256 / ShellGo
  Simple Shellcode Loader tool
  ☆26Updated last year
• matro7sh / matro7sh_loaders
  this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)
  ☆83Updated last year
• fanbyprinciple / bin2shellcode
  .bin file to shellcode convertor
  ☆38Updated 11 months ago
• ASP4RUX / bypassEDR-AV
  ☆57Updated 7 months ago
• Leo4j / ShellGen
  PowerShell script to generate ShellCode in various formats
  ☆42Updated 9 months ago
• v1k1ngfr / fuegoshell
  Fuegoshell is a powershell oneliner generator for Windows remote shell re-using TCP 445
  ☆54Updated last year
• syncwithali / HavocExploit
  A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc.
  ☆38Updated last year
• HulkOperator / AuthStager
  ☆55Updated 8 months ago
• mlcsec / EDRenum-BOF
  Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
  ☆122Updated 8 months ago
• bruno-1337 / SeDebugPrivilege-Exploit
  Simple C++ PoC of SeDebugPrivilege Privesc
  ☆24Updated last year
• 7h3w4lk3r / RexLdr
  Rex Shellcode Loader for AV/EDR evasion
  ☆31Updated last year
• susMdT / SharpAgent
  C# havoc implant
  ☆100Updated 2 years ago
• foxlox / hypobrychium
  Duplicate not owned Token from Running Process
  ☆72Updated last year
• sliverarmory / hashdump
  Dump Windows SAM hashes
  ☆42Updated last year
• dmcxblue / calc_poc
  A repository holding Proof of Concepts for executing the calculator application via different file formats
  ☆38Updated 11 months ago
• dmcxblue / SharpBlackout
  Terminate AV/EDR leveraging BYOVD attack
  ☆87Updated 3 months ago
• nullsection / Sneaky-DLL-Stager
  Reasonably undetected shellcode stager and executer.
  ☆37Updated last month
• Leo4j / PPLKiller
  Tool to bypass LSA Protection (aka Protected Process Light)
  ☆54Updated 5 months ago
• sfewer-r7 / CVE-2023-27532
  Exploit for CVE-2023-27532 against Veeam Backup & Replication
  ☆111Updated 2 years ago
• safedv / Rustic64Shell
  A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.
  ☆71Updated 2 months ago
• DamonMohammadbagher / NativePayload_PE1
  NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R…
  ☆60Updated 2 years ago
• PhrozenIO / SharpFtpC2
  A Streamlined FTP-Driven Command and Control Conduit for Interconnecting Remote Systems.
  ☆88Updated last year
• tehstoni / tryharder
  C++ Staged Shellcode Loader with Evasion capabilities.
  ☆92Updated 8 months ago
• weaselsec / GodPotato-Aggressor-Script
  ☆88Updated last year
• magnusstubman / tokenduplicator
  Tool to start processes as SYSTEM using token duplication
  ☆38Updated 4 years ago
• pwnsauc3 / RWXfinder
  The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section
  ☆105Updated last year