The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments.
☆460Feb 25, 2026Updated last week
Alternatives and similar repositories for Wyrm
Users that are interested in Wyrm are comparing it to the libraries listed below
Sorting:
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆209Dec 25, 2024Updated last year
- Linker for Beacon Object Files☆159Feb 22, 2026Updated last week
- Boilerplate to develop raw and truly Position Independent Code (PIC).☆117Jan 20, 2025Updated last year
- Rust template/library for implementing your own COFF loader☆72Jan 27, 2025Updated last year
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.☆309Feb 16, 2026Updated 2 weeks ago
- Adversary Emulation Framework☆129Jul 1, 2025Updated 8 months ago
- AppLocker-Based EDR Neutralization☆323Dec 19, 2025Updated 2 months ago
- ☆36Jul 1, 2025Updated 8 months ago
- Lightweight binary that joins a device to a Tailscale network and exposes a local SOCKS5 proxy. Designed for red team operations and ephe…☆502Oct 3, 2025Updated 5 months ago
- Random BOFs for LDAP tradecraft☆74Sep 9, 2025Updated 5 months ago
- Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …☆49Nov 2, 2025Updated 4 months ago
- A Mythic Agent written in PIC C.☆206Feb 4, 2025Updated last year
- KittyLoader is a highly evasive loader written in C / Assembly☆258Sep 22, 2025Updated 5 months ago
- BOF with Synthetic Stackframe☆230Oct 30, 2025Updated 4 months ago
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆166Oct 9, 2024Updated last year
- command control framework☆32Feb 28, 2026Updated last week
- A tool to transform Chromium browsers into a C2 Implant☆555Dec 17, 2025Updated 2 months ago
- Easy peasy file uploads☆32Aug 29, 2025Updated 6 months ago
- A command and control framework written in rust.☆384Sep 4, 2025Updated 6 months ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆411Jan 11, 2026Updated last month
- Call Stack Spoofing for Rust☆210Jan 28, 2026Updated last month
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆186Jan 17, 2026Updated last month
- Lateral movement with DCOM DLL hijacking☆176Jul 4, 2025Updated 8 months ago
- ☆146Nov 6, 2025Updated 4 months ago
- Sleep Obfuscation in Rust☆278Dec 1, 2025Updated 3 months ago
- EDR-Freeze is a tool that puts a process of EDR, AntiMalware into a coma state.☆807Nov 1, 2025Updated 4 months ago
- ☆137Feb 11, 2025Updated last year
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 7 months ago
- Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but fo…☆167Oct 21, 2025Updated 4 months ago
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated last year
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆18Mar 19, 2025Updated 11 months ago
- 免杀木马样本☆103Oct 11, 2025Updated 4 months ago
- A powerful, modular, lightweight and efficient command & control framework written in Nim.☆221Nov 3, 2025Updated 4 months ago
- Weaponizing DCOM for NTLM Authentication Coercions☆275Jul 1, 2025Updated 8 months ago
- AdaptixC2 is a highly modular advanced redteam toolkit☆2,758Updated this week
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆334Mar 6, 2025Updated last year
- POC of GITHUB simple C2 in rust☆52Jul 27, 2025Updated 7 months ago
- Reaping treasures from strings in remote processes memory☆285Feb 8, 2025Updated last year