Alternatives and similar repositories for Voidmaw

Users that are interested in Voidmaw are comparing it to the libraries listed below

• kleiton0x00 / Proxy-DLL-Loads
  A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
  ☆350Updated 5 months ago
• deepinstinct / DCOMUploadExec
  DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely
  ☆371Updated 7 months ago
• senzee1984 / MutationGate
  Use hardware breakpoint to dynamically change SSN in run-time
  ☆261Updated last year
• Maldev-Academy / Christmas
  ☆260Updated last year
• Offensive-Panda / RWX_MEMEORY_HUNT_AND_INJECTION_DV
  Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
  ☆285Updated last year
• rad9800 / BootExecuteEDR
  ☆401Updated 7 months ago
• trickster0 / NamelessC2
  Nameless C2 - A C2 with all its components written in Rust
  ☆268Updated 9 months ago
• V-i-x-x / kernel-callback-removal
  kernel callback removal (Bypassing EDR Detections)
  ☆177Updated 3 months ago
• ricardojoserf / NativeBypassCredGuard
  Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
  ☆243Updated 3 months ago
• zer0condition / mhydeath
  Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.
  ☆398Updated last year
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆229Updated 7 months ago
• ColeHouston / Sunder
  Windows rootkit designed to work with BYOVD exploits
  ☆200Updated 5 months ago
• hasherezade / waiting_thread_hijacking
  Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread
  ☆222Updated last month
• Cracked5pider / earlycascade-injection
  early cascade injection PoC based on Outflanks blog post
  ☆220Updated 8 months ago
• scrt / PowerChell
  A PowerShell console in C/C++ with all the security features disabled
  ☆256Updated last month
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆191Updated last year
• andreisss / Ghosting-AMSI
  Ghosting-AMSI
  ☆205Updated 2 months ago
• oldboy21 / RflDllOb
  Reflective DLL Injection Made Bella
  ☆228Updated 6 months ago
• Maldev-Academy / RemoteTLSCallbackInjection
  Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process
  ☆262Updated last year
• senzee1984 / EDRPrison
  Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry
  ☆418Updated 11 months ago
• WKL-Sec / LayeredSyscall
  Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …
  ☆265Updated 11 months ago
• Azr43lKn1ght / Rusty-PE-Packer
  ☆12Updated 6 months ago
• cpu0x00 / Ghost
  Evasive shellcode loader
  ☆375Updated 8 months ago
• BlackSnufkin / BYOVD
  Some POCs for my BYOVD research and find some vulnerable drivers
  ☆260Updated last month
• dobin / RedEdr
  Collect Windows telemetry for Maldev
  ☆364Updated last week
• rasta-mouse / OST-C2-Spec
  Open Source C&C Specification
  ☆262Updated 4 months ago
• OtterHacker / Conferences
  ☆303Updated 8 months ago
• Maldev-Academy / LsassHijackingViaReg
  Injecting DLL into LSASS at boot
  ☆129Updated 2 months ago
• 0xHossam / HuffLoader
  Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.
  ☆264Updated 3 months ago
• dobin / SuperMega
  Stealthily inject shellcode into an executable
  ☆231Updated 3 weeks ago