xforcered/VectoredExceptionHandling external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

xforcered/VectoredExceptionHandling

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/xforcered/VectoredExceptionHandling)

Close

xforcered / VectoredExceptionHandlingView on GitHubMore

• External links
• Readme badge

☆36Aug 21, 2024Updated last year

Alternatives and similar repositories for VectoredExceptionHandling

Users that are interested in VectoredExceptionHandling are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• passthehashbrowns / VectoredExceptionHandling

  View on GitHub
  ☆111Aug 21, 2024Updated last year
• loland / inlineExecute

  View on GitHub
  Cobalt Strike BOF
  ☆58Dec 10, 2025Updated 6 months ago
• passthehashbrowns / DInvokeProcessHollowing

  View on GitHub
  ☆31Aug 23, 2020Updated 5 years ago
• CCob / Shwmae

  View on GitHub
  ☆163Jan 27, 2025Updated last year
• silentwarble / hbin_template

  View on GitHub
  Post-Ex BOF tooling for Hannibal
  ☆24Nov 20, 2024Updated last year
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• CICADA8-Research / RpcMotion

  View on GitHub
  Execute commands, in/exfiltrate files using your custom RPC Server
  ☆69Jan 13, 2026Updated 4 months ago
• zyn3rgy / smbtakeover

  View on GitHub
  BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
  ☆357Nov 19, 2024Updated last year
• nbaertsch / AutoAppDomainHijack

  View on GitHub
  Automated .NET AppDomain hijack payload generation
  ☆129Feb 4, 2025Updated last year
• OG-Sadpanda / SharpCat

  View on GitHub
  C# alternative to the linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly
  ☆15Jul 15, 2021Updated 4 years ago
• Cobalt-Strike / eden

  View on GitHub
  A PoC UDRL for Cobalt Strike built with Crystal Palace that combines Raphael Mudge's page streaming technique with a modular call gate (D…
  ☆128Jan 21, 2026Updated 4 months ago
• WKL-Sec / LayeredSyscall

  View on GitHub
  Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …
  ☆308Jul 31, 2024Updated last year
• BaptisteVeyssiere / vba-macro-obfuscator

  View on GitHub
  Python script to obfuscate VBA (Virtual Basic for Applications) macros
  ☆61Jan 11, 2020Updated 6 years ago
• Maldev-Academy / RemoteTLSCallbackInjection

  View on GitHub
  Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process
  ☆291Jan 21, 2024Updated 2 years ago
• Friends-Security / RedirectThread

  View on GitHub
  Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…
  ☆203Jun 17, 2025Updated 11 months ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• fortra / No-Consolation

  View on GitHub
  A BOF that runs unmanaged PEs inline
  ☆702Oct 23, 2024Updated last year
• rweijnen / createdump

  View on GitHub
  Leverage WindowsApp createdump tool to obtain an lsass dump
  ☆151Sep 20, 2024Updated last year
• deepinstinct / DCOMUploadExec

  View on GitHub
  DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely
  ☆384Dec 13, 2024Updated last year
• racoten / CannonLoader

  View on GitHub
  Just a nice little shellcode loader using unconventional methods to avoid using signatured APIs
  ☆24Jul 11, 2025Updated 10 months ago
• Cipher7 / ChaiLdr

  View on GitHub
  AV bypass while you sip your Chai!
  ☆223May 17, 2024Updated 2 years ago
• PrincipleCheck / KslKatzBof

  View on GitHub
  ☆84Apr 8, 2026Updated 2 months ago
• Octoberfest7 / enumhandles_BOF

  View on GitHub
  ☆127Sep 1, 2024Updated last year
• jakobfriedl / tgt-monitor-bof

  View on GitHub
  Async BOF implementation of 'Rubeus monitor' to detect and automatically extract Kerberos TGTs as they appear on a target system.
  ☆121Jun 2, 2026Updated last week
• Cipher7 / ApexLdr

  View on GitHub
  ApexLdr is a DLL Payload Loader written in C
  ☆115Jul 17, 2024Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• ChaitanyaHaritash / IllusiveFog

  View on GitHub
  Windows Administrator level Implant.
  ☆50Sep 28, 2024Updated last year
• Cipher7 / havoc-PoolParty

  View on GitHub
  Windows Thread Pool Injection Havoc Implementation
  ☆34Mar 23, 2024Updated 2 years ago
• Offensive-Panda / LsassReflectDumping

  View on GitHub
  This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…
  ☆217Oct 19, 2024Updated last year
• kleiton0x00 / RtlHijack

  View on GitHub
  Alternative Read and Write primitives using Rtl* functions the unintended way.
  ☆79Aug 25, 2025Updated 9 months ago
• deh00ni / NtDumpBOF

  View on GitHub
  ☆100Sep 1, 2024Updated last year
• sliverarmory / beignet

  View on GitHub
  MacOS Shared Library to Shellcode Loader
  ☆69Feb 23, 2026Updated 3 months ago
• joe-desimone / rep-research

  View on GitHub
  ☆80Aug 5, 2024Updated last year
• Faran-17 / Hellshazzard

  View on GitHub
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆84Aug 13, 2024Updated last year
• warpedatom / OffsetInspect

  View on GitHub
  PowerShell-based utility for mapping byte offsets to source code using hex and ASCII context for detection research and red team tooling.
  ☆34Dec 31, 2025Updated 5 months ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• Teach2Breach / early_cascade_inj_rs

  View on GitHub
  early cascade injection PoC based on Outflanks blog post, in rust
  ☆63Nov 8, 2024Updated last year
• mobdk / WinSpoof

  View on GitHub
  Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code
  ☆24Mar 13, 2023Updated 3 years ago
• connormcgarr / tgtdelegation

  View on GitHub
  tgtdelegation is a Beacon Object File (BOF) to obtain a usable TGT via the "TGT delegation trick"
  ☆178Nov 26, 2021Updated 4 years ago
• Wh04m1001 / PICDumper

  View on GitHub
  ☆26Mar 10, 2022Updated 4 years ago
• EspressoCake / ReadRemoteProcessCommandline_BOF

  View on GitHub
  ☆29May 10, 2024Updated 2 years ago
• InfinityCurveLabs / vm-filesystem

  View on GitHub
  Filesystem interaction via firebeam virtual machine execution
  ☆54Mar 26, 2026Updated 2 months ago
• xpn / mythic_mcp

  View on GitHub
  A simple POC to expose Mythic as a MCP server
  ☆74Mar 20, 2025Updated last year