Alternatives and similar repositories for XenoStealerLib

Users that are interested in XenoStealerLib are comparing it to the libraries listed below

• yutianqaq / Anti-Sandbox-Go
  Some anti-sandbox techniques implemented in Golang.
  ☆11Updated last year
• MaorSabag / fileSearcher
  A simple BOF (Beacon Object File) to search files in the system
  ☆14Updated last year
• Octoberfest7 / Backstab_BOF
  Beacon Object File implementation of Yaxser's Backstab
  ☆15Updated 3 years ago
• timwhitez / JmpUnhook
  Ntdll Unhooking POC
  ☆19Updated 2 years ago
• VoldeSec / BOF-NPPSPY
  Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…
  ☆18Updated 2 years ago
• 0x3rhy / BypassCredGuard-BOF
  BypassCredGuard CS BOF
  ☆41Updated 4 months ago
• RCStep / RedTeam_Tools_n_Stuff
  Collection of self-made Red Team tools that have come in handy
  ☆11Updated 9 months ago
• Gr1mmie / SharpShellCodeObfus
  Caeser Cipher your shellcode!
  ☆20Updated 3 years ago
• jsecu / ElevatedEvents
  ☆29Updated 2 years ago
• ASkyeye / CobaltPatch
  Cobalt Strike Malleable Profile Inline Patch Template: A Position Independent Code (PIC) Code Template For Creating Shellcode That Can Be…
  ☆40Updated 4 years ago
• ChoiSG / havoc2nginx
  havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…
  ☆12Updated 2 years ago
• smokeme / ProxyNotShell
  ☆19Updated 2 years ago
• dis0rder0x00 / ParentProcessManipulation-LNK
  Using LNK files and user input simulation to start processes under explorer.exe
  ☆25Updated 8 months ago
• timwhitez / Bof2PIC
  BOF/COFF obj file to PIC(shellcode). by golang
  ☆39Updated 2 years ago
• timwhitez / Doge-BlockDLLs
  Preventing 3rd Party DLLs from Injecting into your Malware
  ☆25Updated 3 years ago
• ZephrFish / DynamicMSBuilder
  A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation
  ☆36Updated last month
• nicholasvg / RunPE-Process-Hollowing-GO
  Thanks to @d35ha
  ☆13Updated 3 years ago
• trainr3kt / Readfile_BoF
  ☆21Updated 2 years ago
• cocomelonc / 2022-04-02-malware-injection-18
  Find kernel32 base and API addresses. Simple C++ implementation
  ☆24Updated 3 years ago
• audibleblink / xordump
  ☆18Updated 3 years ago
• KingOfTheNOPs / ChangeWallpaper-BOF
  Cobalt Strike Beacon Object File to to change the user's desktop wallpaper
  ☆14Updated last year
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆32Updated last year
• timwhitez / Doge-PX
  DPX - the Doge Packer for eXecutables
  ☆29Updated 3 years ago
• EvilBytecode / Amsi-Patch-Updated-2025
  How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.
  ☆17Updated last month
• EricEsquivel / OpsLoader
  A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader
  ☆37Updated 8 months ago
• Quack2332 / Simple-.NET-Obfuscator-PoC
  ☆20Updated 11 months ago
• CCob / SQL-BOF
  Library of BOFs to interact with SQL servers
  ☆12Updated 6 months ago
• Yair-Men / Passenger
  ProcExp Driver (Ab)use
  ☆22Updated 2 years ago
• rkbennett / pyThreadlessInject
  A python port of CCob's ThreadlessInject
  ☆25Updated 2 years ago
• atabetnouhaila / API-hashing
  ☆18Updated 7 months ago