Step through PE functions or shellcode instruction-by-instruction (amd64)
☆42May 4, 2026Updated 2 months ago
Alternatives and similar repositories for emulat3
Users that are interested in emulat3 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Native C++ access to Active Directory over ADWS, no .NET, no WCF, no HTTP stack.☆81Mar 27, 2026Updated 3 months ago
- A sleepmask based on Ekko that preserves unwind data at sleep time.☆54Mar 30, 2026Updated 3 months ago
- Havoc C2 BOF — WFP kernel-space SYSTEM escalation + command execution with indirect syscalls, patchless AMSI/ETW bypass, and return addre…☆79Mar 22, 2026Updated 3 months ago
- abusing windows toast notifications for fun and user manipulation☆105Updated this week
- Object file loader implemented as a post-ex DLL for asynchronous BOF execution.☆29Jun 15, 2026Updated last month
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A BOF designed to inspect processes memory and addresses☆40Apr 19, 2026Updated 2 months ago
- Bypassing EDR's with stealthy c++ telegram Bot and Telegram itself as C2 interface !☆43Mar 24, 2026Updated 3 months ago
- BOF to impersonate TrustedInstaller via DISM API trigger and thread impersonation☆132Mar 27, 2026Updated 3 months ago
- InfraGuard is a Command & Control Redirection Proxy and Manager which protects your Red Team Infrastructure against threat attribution☆161Updated this week
- Bof of RegPwn by MDSec☆127Mar 15, 2026Updated 4 months ago
- Repository for mona v3 - Corelan's exploit dev tool for Windbg, WindbgX etc☆83Jul 8, 2026Updated last week
- PoC for CVE-2026-3609 - XIGNCODE3 xhunter1.sys handle leak enabling PPL bypass and LSASS dumping☆29May 12, 2026Updated 2 months ago
- A bunch of shenanigans using functions, VEH and more☆37Jun 8, 2025Updated last year
- Stealthy .NET assembly loading using AssemblyNative::LoadFromBuffer☆58Mar 22, 2026Updated 3 months ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A Cobalt Strike BOF implementation of the SilentHarvest registry dumping technique☆182Apr 14, 2026Updated 3 months ago
- ☆198Jun 11, 2026Updated last month
- Demonstrating 3 persistence layers from a single EXE, that converts itself into proxy DLLs at runtime☆94Mar 29, 2026Updated 3 months ago
- Salesforce identity and permission graph collector for BloodHound CE. Maps users, profiles, permission sets, roles, groups, sharing rules…☆47Jun 25, 2026Updated 3 weeks ago
- Surgical UNWIND_INFO preservation for sleep masking without call stack spoofing.☆56Mar 30, 2026Updated 3 months ago
- A credential extraction BOF for Veeam Backup and Replication and Veeam One☆78Jul 1, 2026Updated 2 weeks ago
- ☆61Dec 10, 2025Updated 7 months ago
- AdaptixC2 default beacon agent extended to support Crystal Palace loaders.☆63May 4, 2026Updated 2 months ago
- RunPE adapted for x64 and written in C, does not use RWX☆27May 18, 2024Updated 2 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- ☆85Feb 12, 2026Updated 5 months ago
- A Rust template for writing Beacon Object Files (BOFs)☆128Feb 11, 2026Updated 5 months ago
- DSCourier is a proof-of-concept that uses the WinGet Configuration COM API to apply DSC configurations through Microsoft-signed binaries.☆210Jun 25, 2026Updated 3 weeks ago
- Another new coercion primitive with LPE - machine-account NTLM coercion from a non-admin user via Windows Store InstallService plugin res…☆86Jun 20, 2026Updated 3 weeks ago
- Library of BOFs to interact with SQL servers☆16Dec 6, 2024Updated last year
- Tailscale/Headscale C2 profile and agent for Mythic☆25Mar 14, 2026Updated 4 months ago
- In-memory BOF implementation of Silent Process Exit LSASS dump via RtlReportSilentProcessExit☆19Apr 14, 2026Updated 3 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆189Jan 17, 2026Updated 5 months ago
- A C# tool for extracting information from SCCM PXE boot media.☆57May 21, 2026Updated last month
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Async BOF to automatically extract or renew Kerberos TGTs on a target system.☆134Updated this week
- Cortex C2 is a Open source Linux C2 inspired by the void link C2 framework☆44May 29, 2026Updated last month
- Shellcode and In-PowerShell solution for patching AMSI via Page Guard Exceptions☆72Nov 15, 2025Updated 8 months ago
- BYOVD hunter to help prioritize windows drivers worth manual analysis☆130Aug 19, 2025Updated 10 months ago
- Moonwalk++: Simple POC Combining StackMoonwalking and Memory Encryption☆228Dec 17, 2025Updated 6 months ago
- Phantom is project created to perform loading and executing unmanaged code in memory within an IIS environment running in full‑trust mode…☆107Jun 5, 2026Updated last month
- .NET CLR-Stomping☆146May 20, 2026Updated last month