Alternatives and similar repositories for flower:

Users that are interested in flower are comparing it to the libraries listed below

• 0prrr / Malwear-Sweet
  Malware?
  ☆69Updated 6 months ago
• itm4n / PPLrevenant
  Bypass LSA protection using the BYODLL technique
  ☆157Updated 7 months ago
• NetSPI / BOF-PE
  An example reference design for a proposed BOF PE
  ☆159Updated this week
• klezVirus / RpcProxyInvoke
  Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar
  ☆130Updated 8 months ago
• xforcered / Being-A-Good-CLR-Host
  ☆103Updated 3 months ago
• rbmm / SC_DEMO
  ☆114Updated last month
• akamai / Mirage
  Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
  ☆76Updated last month
• NtDallas / Draugr
  BOF with Synthetic Stackframe
  ☆143Updated last month
• FalconForceTeam / bof-winrm-client
  ☆108Updated 2 months ago
• eversinc33 / PSXecute
  MIPS VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator.
  ☆113Updated 4 months ago
• Kudaes / Eclipse
  Activation Context Hijack
  ☆152Updated 4 months ago
• mannyfred / SentinelBruh
  Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution
  ☆42Updated 9 months ago
• silentwarble / PIC-Library
  A collection of position independent coding resources
  ☆76Updated 2 months ago
• Octoberfest7 / enumhandles_BOF
  ☆127Updated 7 months ago
• decoder-it / RelabelAbuse
  ☆61Updated 10 months ago
• JanielDary / ImmoralFiber
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆259Updated 7 months ago
• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆152Updated 4 months ago
• zero2504 / Early-Cryo-Bird-Injections
  Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects
  ☆89Updated 2 weeks ago
• ColeHouston / Sunder
  Windows rootkit designed to work with BYOVD exploits
  ☆182Updated 3 months ago
• mansk1es / GhostFart
  ☆135Updated last year
• NtDallas / OdinLdr
  Cobaltstrike Reflective Loader with Synthetic Stackframe
  ☆113Updated 2 months ago
• Cracked5pider / CodeCave
  A bunch of scripts and code i wrote.
  ☆139Updated 5 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆74Updated 8 months ago
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆73Updated 3 months ago
• CICADA8-Research / COMThanasia
  A set of programs for analyzing common vulnerabilities in COM
  ☆210Updated 7 months ago
• xforcered / ForsHops
  ForsHops
  ☆98Updated 3 weeks ago
• securifybv / BOFRyptor
  ☆121Updated last year
• CICADA8-Research / TypeLibWalker
  TypeLib persistence technique
  ☆112Updated 5 months ago
• MzHmO / SymProcAddress
  Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)
  ☆141Updated last year
• boku7 / patchwerk
  BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)
  ☆173Updated 2 months ago