Alternatives and similar repositories for donut-decryptor:

Users that are interested in donut-decryptor are comparing it to the libraries listed below

• flostyen / windows-persistence
  Windows Persistence IT-Security
  ☆97Updated last month
• logangoins / Stifle
  .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS
  ☆140Updated 2 months ago
• Diverto / IPPrintC2
  PoC for using MS Windows printers for persistence / command and control via Internet Printing
  ☆147Updated 11 months ago
• paranoidninja / Cobaltstrike-Detection
  This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared
  ☆89Updated last year
• ZephrFish / QoL-BOFs
  Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning
  ☆129Updated 4 months ago
• MultSec / MultCheck
  Identifies bad bytes from static analysis with any Anti-Virus scanner.
  ☆124Updated 9 months ago
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆102Updated last month
• gsmith257-cyber / better-sliver
  Adversary Emulation Framework
  ☆98Updated 9 months ago
• vari-sh / RedTeamGrimoire
  🔥📜 Forbidden collection of Red Team sorcery 📜🔥
  ☆97Updated last week
• Octoberfest7 / Secure_Stager
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆187Updated 4 months ago
• trustedsec / DitExplorer
  Tool for viewing NTDS.dit
  ☆155Updated last month
• byinarie / teams_dump
  PoC for dumping and decrypting cookies in the latest version of Microsoft Teams
  ☆132Updated last year
• sensepost / mydumbedr
  ☆117Updated last year
• iamagarre / BadExclusionsNWBO
  BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR
  ☆75Updated last year
• wietze / Invoke-ArgFuscator
  Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-nat…
  ☆164Updated last week
• BC-SECURITY / IronSharpPack
  IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…
  ☆114Updated 11 months ago
• Immersive-Labs-Sec / SliverC2-Forensics
  A collection of tools and detections for the Sliver C2 Frameworj
  ☆123Updated 2 years ago
• naksyn / Embedder
  Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies
  ☆118Updated 10 months ago
• oldboy21 / JayFinder
  Find DLLs with RWX section
  ☆79Updated last year
• Kudaes / Bin-Finder
  Detect EDR's exceptions by inspecting processes' loaded modules
  ☆129Updated last year
• nettitude / Tartarus-TpAllocInject
  ☆181Updated last year
• BC-SECURITY / ScriptBlock-Smuggling
  Example code samples from our ScriptBlock Smuggling Blog post
  ☆89Updated 10 months ago
• Octoberfest7 / Enumprotections_BOF
  A BOF to enumerate system process, their protection levels, and more.
  ☆115Updated 4 months ago
• reveng007 / AMSI-patches-learned-till-now
  I have documented all of the AMSI patches that I learned till now
  ☆71Updated last month
• 0xthirteen / AssemblyHunter
  Find .net assemblies locally
  ☆111Updated 2 years ago
• NtDallas / Svartalfheim
  Stage 0
  ☆156Updated 4 months ago
• rasta-mouse / process-inject-kit
  Port of Cobalt Strike's Process Inject Kit
  ☆173Updated 4 months ago
• TierZeroSecurity / edr_blocker
  Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…
  ☆141Updated 9 months ago
• wietze / windows-dll-env-hijacking
  Project for identifying executables and DLLs vulnerable to environment-variable based DLL hijacking.
  ☆57Updated 2 years ago
• dmcxblue / SharpGhostTask
  A C# port from Invoke-GhostTask
  ☆114Updated last year