awesome-repositories.com
Blog
awesome-repositories.com

Discover the best open-source repositories with AI-powered search.

ExploreCurated searchesOpen-source alternativesSelf-hosted softwareBlogSitemap
ProjectAboutHow we rankPressMCP server
LegalPrivacyTerms
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·
Back to fuzzysecurity/sharp-suite

Open-source alternatives to Sharp Suite

30 open-source projects similar to fuzzysecurity/sharp-suite, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Sharp Suite alternative.

  • lolbas-project/lolbasLOLBAS-Project avatar

    LOLBAS-Project/LOLBAS

    8,323View on GitHub↗

    LOLBAS is a curated database and knowledge base of signed Windows binaries that can be misused to bypass security restrictions and execute unauthorized code. It serves as a technical registry that maps trusted system files to their functional capabilities and the offensive tactics they enable. The project distinguishes itself by providing a capability-driven indexing system and a tactics registry that relates legitimate binary functionality to known security evasion techniques. It includes an association layer that links specific system binaries to attack patterns and tactical objectives, pro

    XSLTblueteamdfirliving-off-the-land
    View on GitHub↗8,323
  • trustedsec/unicorntrustedsec avatar

    trustedsec/unicorn

    3,917View on GitHub↗

    Unicorn is a collection of utilities for generating malicious HTA files, VBA macros, encoded PowerShell commands, and memory-resident shellcode injection frameworks. It provides tools to create payloads designed to achieve remote code execution by bypassing security controls. The project focuses on weaponizing office documents through VBA macros and formulas, generating HTA attack vectors, and creating encoded PowerShell payloads. It includes a shellcode injection framework to wrap external shellcode for direct execution in system memory. The toolkit covers binary-to-base64 conversion for ce

    Python
    View on GitHub↗3,917
  • 3xpl01tc0d3r/processinjection3xpl01tc0d3r avatar

    3xpl01tc0d3r/ProcessInjection

    1,248View on GitHub↗

    This program is designed to demonstrate various process injection techniques

    C#
    View on GitHub↗1,248
  • api0cradle/ultimateapplockerbypasslistapi0cradle avatar

    api0cradle/UltimateAppLockerByPassList

    2,067View on GitHub↗

    The goal of this repository is to document the most common techniques to bypass AppLocker.

    PowerShell
    View on GitHub↗2,067

AI search

Explore more awesome repositories

Describe what you need in plain English — the AI ranks thousands of curated open-source projects by relevance.

Find more with AI search
  • aptortellini/undefenderAPTortellini avatar

    APTortellini/unDefender

    360View on GitHub↗

    unDefender is the C++ implementation of a technique originally described by @jonasLyk in this Twitter thread. At its core, this technique revolves around changing the \Device\BootDevice symbolic link in the Windows Object Manager so that when Defender's WdFilter driver is unloaded and loaded…

    C++
    View on GitHub↗360
  • arno0x/shellcodewrapperA

    Arno0x/ShellcodeWrapper

    0View on GitHub↗
    View on GitHub↗0
  • bats3c/evtmutebats3c avatar

    bats3c/EvtMute

    264View on GitHub↗

    This is a tool that allows you to offensively use YARA to apply a filter to the events being reported by windows event logging.

    C#
    View on GitHub↗264
  • djhohnstein/scatterbrainD

    djhohnstein/ScatterBrain

    0View on GitHub↗
    View on GitHub↗0
  • c-sto/bananaphoneC

    C-Sto/BananaPhone

    0View on GitHub↗
    View on GitHub↗0
  • ccob/sharpblockCCob avatar

    CCob/SharpBlock

    1,163View on GitHub↗
    C#
    View on GitHub↗1,163
  • cerbersec/killdefenderbofCerbersec avatar

    Cerbersec/KillDefenderBOF

    236View on GitHub↗

    KillDefenderBOF is a Beacon Object File PoC implementation of pwn1sher/KillDefender which is based on research by Gabriel Landau. The article can be found here.

    C
    View on GitHub↗236
  • choisg/uuidshellcodeexecC

    ChoiSG/UuidShellcodeExec

    0View on GitHub↗
    View on GitHub↗0
  • cribdragg3r/alarisC

    cribdragg3r/Alaris

    0View on GitHub↗
    View on GitHub↗0
  • d00mfist/go4arunD

    D00MFist/Go4aRun

    0View on GitHub↗
    View on GitHub↗0
  • djhohnstein/csharpsetthreadcontextD

    djhohnstein/CSharpSetThreadContext

    0View on GitHub↗
    View on GitHub↗0
  • bats3c/darkloadlibrarybats3c avatar

    bats3c/DarkLoadLibrary

    1,180View on GitHub↗

    LoadLibrary for offensive operations

    C
    View on GitHub↗1,180
  • flangvik/netloaderFlangvik avatar

    Flangvik/NetLoader

    849View on GitHub↗

    Loads any C# binary from filepath or url, patching AMSI and unhooks ETW

    C#
    View on GitHub↗849
  • getrektboy724/sharpunhookerGetRektBoy724 avatar

    GetRektBoy724/SharpUnhooker

    408View on GitHub↗

    C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll, kernel32.dll, advapi32.dll, and kernelbase.dll). SharpUnhooker helps you to evades user-land monitoring done by AVs and/or EDRs by cleansing/refreshing API DLLs that loaded on the process (Offensive Side) or remove API…

    C#
    View on GitHub↗408
  • hlldz/invoke-phant0mH

    hlldz/Invoke-Phant0m

    0View on GitHub↗
    View on GitHub↗0
  • hlldz/phant0mhlldz avatar

    hlldz/Phant0m

    1,807View on GitHub↗

    Svchost is essential in the implementation of so-called shared service processes, where a number of services can share a process in order to reduce resource consumption. Grouping multiple services into a single process conserves computing resources, and this consideration was of particular…

    C
    View on GitHub↗1,807
  • hlldz/reflexxionhlldz avatar

    hlldz/RefleXXion

    500View on GitHub↗

    RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, it first collects the syscall numbers of the NtOpenFile, NtCreateSection, NtOpenSection and NtMapViewOfSection found in the LdrpThunkSignature array. After…

    C++
    View on GitHub↗500
  • johnwoodman/stealthinjectorJ

    JohnWoodman/stealthInjector

    0View on GitHub↗
    View on GitHub↗0
  • jthuraisamy/syswhispers2J

    jthuraisamy/SysWhispers2

    0View on GitHub↗

    SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls.

    View on GitHub↗0
  • kharos102/ntdllunpatcherKharos102 avatar

    Kharos102/NtdllUnpatcher

    151View on GitHub↗

    Example code for EDR bypassing, please use this for testing blue team detection capabilities against this type of malware that will bypass EDR's userland hooks. Code is a bit spaghetti-like at the moment and serves only as a PoC. Not for malicious use. Note that this particular code was tested…

    C++
    View on GitHub↗151
  • knownsec/shellcodeloaderknownsec avatar

    knownsec/shellcodeloader

    1,748View on GitHub↗

    shellcodeloader

    C++
    View on GitHub↗1,748
  • kyleavery/aceldrkyleavery avatar

    kyleavery/AceLdr

    1,020View on GitHub↗

    A position-independent reflective loader for Cobalt Strike. Zero results from Hunt-Sleeping-Beacons, BeaconHunter, BeaconEye, Patriot, Moneta, PE-sieve, or MalMemDetect.

    C
    View on GitHub↗1,020
  • lem0nsec/shellghostlem0nSec avatar

    lem0nSec/ShellGhost

    1,199View on GitHub↗

    A memory-based evasion technique which makes shellcode invisible from process start to end.

    C
    View on GitHub↗1,199
  • antoniococo/mapping-injectionA

    antonioCoco/Mapping-Injection

    0View on GitHub↗
    View on GitHub↗0
  • mattifestation/ef0132ba4ae3cc136914da32a88106b9M

    mattifestation/ef0132ba4ae3cc136914da32a88106b9

    0View on GitHub↗
    View on GitHub↗0
  • 0xer3bus/poolpartybof0xEr3bus avatar

    0xEr3bus/PoolPartyBof

    452View on GitHub↗

    A beacon object file implementation of PoolParty Process Injection Technique by @SafeBreach and @0xDeku, that abuses Windows Thread Pools. The BOF supports the 5 technique/variant: - Insert TPIO work item to the target process's thread pool. - Insert TPALPC work item to the target process's…

    C
    View on GitHub↗452