Alternatives and similar repositories for donut-decryptor:

Users that are interested in donut-decryptor are comparing it to the libraries listed below

• ZephrFish / QoL-BOFs
  Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning
  ☆127Updated 3 months ago
• flostyen / windows-persistence
  Windows Persistence IT-Security
  ☆93Updated 3 weeks ago
• 0xsch1zo / NullGate
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆87Updated 3 weeks ago
• TierZeroSecurity / edr_blocker
  Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…
  ☆141Updated 8 months ago
• Diverto / IPPrintC2
  PoC for using MS Windows printers for persistence / command and control via Internet Printing
  ☆145Updated 10 months ago
• NtDallas / Svartalfheim
  Stage 0
  ☆154Updated 3 months ago
• logangoins / Stifle
  .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS
  ☆118Updated last month
• BC-SECURITY / ScriptBlock-Smuggling
  Example code samples from our ScriptBlock Smuggling Blog post
  ☆90Updated 9 months ago
• MultSec / MultCheck
  Identifies bad bytes from static analysis with any Anti-Virus scanner.
  ☆123Updated 8 months ago
• CodeXTF2 / WebcamBOF
  Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options
  ☆133Updated this week
• trustedsec / DitExplorer
  Tool for viewing NTDS.dit
  ☆150Updated 2 weeks ago
• cybersectroll / SharpPersistSD
  ☆86Updated 10 months ago
• Karkas66 / CelestialSpark
  A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust
  ☆84Updated 11 months ago
• paranoidninja / Cobaltstrike-Detection
  This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared
  ☆90Updated last year
• synacktiv / DLHell
  Local & remote Windows DLL Proxying
  ☆162Updated 9 months ago
• Octoberfest7 / Secure_Stager
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆184Updated 4 months ago
• OtterHacker / Hooker
  ☆103Updated 5 months ago
• xalicex / LOLDrivers_finder
  ☆78Updated last year
• sensepost / mydumbedr
  ☆114Updated last year
• ipSlav / DirtyCLR
  An App Domain Manager Injection DLL PoC on steroids
  ☆167Updated last year
• iamagarre / BadExclusionsNWBO
  BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR
  ☆75Updated last year
• securifybv / BOFRyptor
  ☆121Updated last year
• reveng007 / AMSI-patches-learned-till-now
  I have documented all of the AMSI patches that I learned till now
  ☆71Updated last year
• Wh04m1001 / CVE-2023-20178
  ☆92Updated last year
• CodeXTF2 / cobaltstrike-headless
  Aggressorscript that turns the headless aggressor client into a (mostly) functional cobalt strike client.
  ☆147Updated 2 years ago
• wh0amitz / SharpRODC
  To audit the security of read-only domain controllers
  ☆114Updated last year
• rasta-mouse / process-inject-kit
  Port of Cobalt Strike's Process Inject Kit
  ☆171Updated 3 months ago
• dmcxblue / SharpGhostTask
  A C# port from Invoke-GhostTask
  ☆113Updated last year
• rad9800 / FileRenameJunctionsEDRDisable
  ☆150Updated 3 months ago
• IncludeSecurity / c2-vulnerabilities
  PoCs of RCEs against open source C2 servers
  ☆80Updated 6 months ago