Alternatives and similar repositories for donut-decryptor:

Users that are interested in donut-decryptor are comparing it to the libraries listed below

• ZephrFish / QoL-BOFs
  Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning
  ☆127Updated 2 months ago
• synacktiv / DLHell
  Local & remote Windows DLL Proxying
  ☆162Updated 8 months ago
• sensepost / mydumbedr
  ☆112Updated last year
• TierZeroSecurity / edr_blocker
  Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…
  ☆141Updated 6 months ago
• cybersectroll / SharpPersistSD
  ☆85Updated 9 months ago
• Diverto / IPPrintC2
  PoC for using MS Windows printers for persistence / command and control via Internet Printing
  ☆144Updated 9 months ago
• Karkas66 / CelestialSpark
  A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust
  ☆83Updated 10 months ago
• OmriBaso / BesoToken
  A tool to Impersonate logged on users without touching LSASS (Including non-Interactive sessions).
  ☆93Updated 2 years ago
• xpn / CloudInject
  ☆107Updated 3 months ago
• Octoberfest7 / Secure_Stager
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆172Updated 2 months ago
• fin3ss3g0d / StoneKeeper
  StoneKeeper C2, an experimental EDR evasion framework for research purposes
  ☆188Updated last month
• Z4kSec / IoctlHunter
  IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.
  ☆95Updated last year
• naksyn / Embedder
  Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies
  ☆115Updated 8 months ago
• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆76Updated 5 months ago
• 0xthirteen / AssemblyHunter
  Find .net assemblies locally
  ☆104Updated 2 years ago
• lkarlslund / hashmuncher
  Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later
  ☆91Updated last year
• Octoberfest7 / Enumprotections_BOF
  A BOF to enumerate system process, their protection levels, and more.
  ☆113Updated 2 months ago
• BC-SECURITY / ScriptBlock-Smuggling
  Example code samples from our ScriptBlock Smuggling Blog post
  ☆88Updated 8 months ago
• rasta-mouse / process-inject-kit
  Port of Cobalt Strike's Process Inject Kit
  ☆165Updated 2 months ago
• xalicex / LOLDrivers_finder
  ☆75Updated last year
• rad9800 / FileRenameJunctionsEDRDisable
  ☆143Updated 2 months ago
• BC-SECURITY / IronSharpPack
  IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…
  ☆109Updated 9 months ago
• nettitude / Tartarus-TpAllocInject
  ☆180Updated last year
• MultSec / MultCheck
  Identifies bad bytes from static analysis with any Anti-Virus scanner.
  ☆122Updated 7 months ago
• SafeBreach-Labs / MagicDot
  A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
  ☆96Updated 10 months ago
• OtterHacker / Hooker
  ☆103Updated 3 months ago
• oldboy21 / JayFinder
  Find DLLs with RWX section
  ☆76Updated last year
• decoder-it / TokenStealer
  ☆165Updated last year
• Evi1Grey5 / Recursive-Loader
  Recursive Loader
  ☆101Updated 4 months ago
• ZERODETECTION / MSC_Dropper
  ☆139Updated 6 months ago