Alternatives and similar repositories for SysCook64

Users that are interested in SysCook64 are comparing it to the libraries listed below

• gerbsec / SmokeyObfuscator
  Rewrite to fit my needs
  ☆30Updated last year
• OffenseTeacher / Steganim
  ☆47Updated 2 years ago
• caueb / ThreadlessStompingKann
  Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.
  ☆61Updated last year
• brosck / APIHookingDetector
  「⚙️」Detect which native Windows API's (NtAPI) are being hooked
  ☆38Updated 7 months ago
• nothingspecialforu / EvtPsst
  EvtPsst
  ☆55Updated last year
• Orange-Cyberdefense / EDRSnowblast
  This project is an EDRSandblast fork, adding some features and custom pieces of code.
  ☆23Updated last year
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆64Updated 11 months ago
• EvilBytecode / Ntdll-Unhook
  Unhook Ntdll.dll, Go & C++.
  ☆27Updated 3 months ago
• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆30Updated last year
• nullsection / Sneaky-DLL-Stager
  Reasonably undetected shellcode stager and executer.
  ☆37Updated 2 months ago
• Bl4ckM1rror / PEAs
  ☆59Updated last year
• vatsalgupta67 / Process-Hollowing
  Red Team Operation's Defense Evasion Technique.
  ☆53Updated last year
• bot984397 / eepy
  ☆34Updated 3 months ago
• x0reaxeax / PageSplit
  Splitting and executing shellcode across multiple pages
  ☆102Updated 2 years ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆76Updated 11 months ago
• NVISOsecurity / cs2br-bof
  Run Cobalt Strike BOFs in Brute Ratel C4!
  ☆68Updated 3 months ago
• zimnyaa / PhaseDive
  Sleep Obfuscation
  ☆45Updated 2 years ago
• Retr0-code / hash-dumper
  Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…
  ☆63Updated last year
• susMdT / effective-waffle
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆69Updated 2 years ago
• 0prrr / Malwear-Sweet
  Malware?
  ☆72Updated 9 months ago
• KingOfTheNOPs / EnableWebDAVClient-BOF
  Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts
  ☆22Updated last year
• casp3r0x0 / CortexRansomBypass
  Cortex EDR Ransomware protection Bypass
  ☆25Updated 5 months ago
• MrAle98 / psinline
  in-process powershell runner for BRC4
  ☆46Updated last year
• kyleavery / pendulum
  Linux Sleep Obfuscation
  ☆105Updated last year
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆38Updated last year
• zimnyaa / insomnia
  a stage1 DLL loader with sleep obfuscation
  ☆37Updated 2 years ago
• xelemental / Mal-LNK-Generator
  ☆34Updated 4 months ago
• fin3ss3g0d / IoDllProxyLoad
  DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly
  ☆60Updated last year
• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆73Updated last year
• ibaiC / FriendlyFireBOF
  A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.
  ☆53Updated 3 months ago