Alternatives and similar repositories for emerald_template

Users that are interested in emerald_template are comparing it to the libraries listed below

• WKL-Sec / slack-udc2

  View on GitHub
  Cobalt Strike UDC2 implementation that provides an Slack C2 channel
  ☆60Jan 5, 2026Updated last month
• vilewired / XenoStealerLib

  View on GitHub
  This is a library for stealing browser passwords, crypto stuff, password manager extension stuff, and just general applications too
  ☆11May 10, 2024Updated last year
• jonny-jhnson / ProcCallback

  View on GitHub
  An example of how a driver can register a handle creation callback.
  ☆16Jun 12, 2023Updated 2 years ago
• WJDigby / hashms

  View on GitHub
  Periodically check hashcat cracking progress and notify of success.
  ☆10Dec 18, 2018Updated 7 years ago
• dgros / Malware_Analyzer

  View on GitHub
  Framework complet d'analyse de malware
  ☆12Feb 22, 2016Updated 9 years ago
• 0xtengu / Cloak64

  View on GitHub
  ☆48Dec 21, 2025Updated last month
• 0xTriboulet / ai-postex

  View on GitHub
  Proof-of-concept implementation of AI-enabled postex DLLs
  ☆54Sep 10, 2025Updated 5 months ago
• ricardojoserf / w11_shadow_copies

  View on GitHub
  Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11
  ☆81Jan 26, 2026Updated 2 weeks ago
• bmiller08 / Win10QuickSecure

  View on GitHub
  Changes MDM registry keys without the need for an MDM server to quickly disable WiFi-Sense and handle other potential security concerns i…
  ☆15Aug 10, 2015Updated 10 years ago
• ofasgard / execute-assembly-pico

  View on GitHub
  A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.
  ☆128Jan 28, 2026Updated 2 weeks ago
• itaymigdal / NimProtect

  View on GitHub
  A tiny macro library for protecting sensitive strings in compiled binaries
  ☆40Oct 8, 2024Updated last year
• F41zK4r1m / GCP-Hound

  View on GitHub
  GCP-Hound - Google Cloud Security Attack Path Discovery Tool - v1.1.1
  ☆68Oct 11, 2025Updated 4 months ago
• whokilleddb / ClickForClickOnce

  View on GitHub
  ClickForClickOnce - Generate configurable clickonce payloads
  ☆88Oct 10, 2025Updated 4 months ago
• sakkis91 / SandboxPPL

  View on GitHub
  Golang PoC that sandboxes Defender (or other PPL) by setting its token integrity to Untrusted.
  ☆12May 28, 2025Updated 8 months ago
• pedro-javierf / Twicexploit

  View on GitHub
  Proof of concept open source implementation of an UAC bypass exploit, based in 2 windows failures.
  ☆12Jun 2, 2020Updated 5 years ago
• Print3M / epic

  View on GitHub
  PIC shellcode (C/C++) development toolkit designed for malware developers.
  ☆119Dec 23, 2025Updated last month
• CCob / SQL-BOF

  View on GitHub
  Library of BOFs to interact with SQL servers
  ☆16Dec 6, 2024Updated last year
• xRedCodex / BofArsenal

  View on GitHub
  The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23
  ☆23Jun 19, 2025Updated 7 months ago
• ahhh / GoRedDeath

  View on GitHub
  Experimenting with destructive file attacks in Go
  ☆19May 20, 2019Updated 6 years ago
• EvanMcBroom / sleepy

  View on GitHub
  A lexer and parser for Sleep
  ☆20May 14, 2025Updated 8 months ago
• MaorSabag / impacket-jump

  View on GitHub
  Remote service-staging tool built on Impacket, designed for BOF-style lateral movement workflows that lets you upload custom service load…
  ☆119Dec 7, 2025Updated 2 months ago
• kyxiaxiang / Safetasklist

  View on GitHub
  Help red teams find opsec processes during engagements
  ☆42Dec 7, 2024Updated last year
• HuskyHacks / windows-x64-shellcode-pipeline

  View on GitHub
  A Dockerized build pipeline for custom Windows x64 shellcode
  ☆53Dec 12, 2025Updated 2 months ago
• 0xTriboulet / rssh-rs

  View on GitHub
  ☆55May 31, 2025Updated 8 months ago
• wolfcod / beacondbg

  View on GitHub
  Beacon Debugger
  ☆55Oct 28, 2024Updated last year
• cirosec / warbird-demos

  View on GitHub
  ☆44Nov 7, 2024Updated last year
• artemy-ccrsky / DecryptRecoveryLAPS_RPC

  View on GitHub
  A way to maintain long-term access to Windows LAPS for lateral movement in AD via installing an Offensive LAPS RPC backdoor on a DC.
  ☆29Jun 9, 2025Updated 8 months ago
• sensepost / bloatware-pwn

  View on GitHub
  LPE / RCE Exploits for various vulnerable "Bloatware" products
  ☆84Aug 5, 2025Updated 6 months ago
• jrrgimenez / Nim-HalosGate-Injector

  View on GitHub
  Shellcode Injector that obtains system call opcodes using the Halo's Gate method to evade EDR Hooks.
  ☆20Feb 2, 2022Updated 4 years ago
• WKL-Sec / docker-cobaltstrike

  View on GitHub
  Docker container for running CobaltStrike 4.7 and above
  ☆24Mar 20, 2025Updated 10 months ago
• Adepts-Of-0xCC / SnoopyOwl

  View on GitHub
  ☆48May 12, 2021Updated 4 years ago
• Ne0nd0g / winhttp

  View on GitHub
  A library to make HTTP requests with the Windows winhttp API
  ☆25Feb 8, 2024Updated 2 years ago
• OffenseTeacher / Steganim

  View on GitHub
  ☆46Jun 21, 2023Updated 2 years ago
• monoxgas / minibus

  View on GitHub
  Remote code execution in Power Platform connectors via JSON deserialization
  ☆23Mar 30, 2023Updated 2 years ago
• airbus-cert / cacdec

  View on GitHub
  The hidden mstsc recorder player
  ☆27Mar 9, 2020Updated 5 years ago
• zenhumany / blackhat_asia_2017

  View on GitHub
  black hat Asia 2017 Slides
  ☆22Mar 30, 2017Updated 8 years ago
• bohops / COM-to-the-Darkside

  View on GitHub
  Slides and resources from MCTTP 2025 Talk
  ☆66Oct 26, 2025Updated 3 months ago
• Hagrid29 / BOF-CredUI

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt
  ☆23Nov 23, 2022Updated 3 years ago
• whokilleddb / sinister-vsix

  View on GitHub
  Blog/Journal on how to backdoor VSCode extensions
  ☆76Updated this week