Alternatives and similar repositories for Nightmangle

Users that are interested in Nightmangle are comparing it to the libraries listed below

• g0h4n / REC2

  View on GitHub
  REC2 (Rusty External Command and Control) is client and server tool allowing auditor to execute command from VirusTotal and Mastodon APIs…
  ☆163Feb 22, 2024Updated last year
• xforcered / BOFMask

  View on GitHub
  ☆129Jun 28, 2023Updated 2 years ago
• foxlox / GIUDA

  View on GitHub
  Ask a TGS on behalf of another user without password
  ☆482Mar 30, 2025Updated 10 months ago
• MzHmO / NtlmThief

  View on GitHub
  Extracting NetNTLM without touching lsass.exe
  ☆242Nov 27, 2023Updated 2 years ago
• ewby / Mockingjay_BOF

  View on GitHub
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆158Nov 7, 2023Updated 2 years ago
• BlackSnufkin / NovaLdr

  View on GitHub
  Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
  ☆259Jun 29, 2024Updated last year
• mertdas / RedPersist

  View on GitHub
  ☆222Mar 10, 2024Updated last year
• hakaioffsec / coffee

  View on GitHub
  A COFF loader made in Rust
  ☆327Aug 20, 2025Updated 5 months ago
• RalfHacker / Kerbeus-BOF

  View on GitHub
  BOF for Kerberos abuse (an implementation of some important features of the Rubeus).
  ☆540Nov 23, 2025Updated 2 months ago
• senzee1984 / InflativeLoading

  View on GitHub
  Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.
  ☆325Apr 12, 2024Updated last year
• OtterHacker / SetProcessInjection

  View on GitHub
  ☆151Oct 2, 2023Updated 2 years ago
• kleiton0x00 / Proxy-DLL-Loads

  View on GitHub
  A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
  ☆408Jan 11, 2026Updated last month
• reveng007 / DarkWidow

  View on GitHub
  Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
  ☆772Jan 26, 2026Updated 2 weeks ago
• trickster0 / NamelessC2

  View on GitHub
  Nameless C2 - A C2 with all its components written in Rust
  ☆282Sep 26, 2024Updated last year
• JanielDary / ImmoralFiber

  View on GitHub
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆280Sep 18, 2024Updated last year
• SaadAhla / DocPlz

  View on GitHub
  Documents Exfiltration project for fun and educational purposes
  ☆145Oct 10, 2023Updated 2 years ago
• securifybv / BOFRyptor

  View on GitHub
  ☆122Oct 9, 2023Updated 2 years ago
• Octoberfest7 / MemFiles

  View on GitHub
  A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
  ☆474Jul 6, 2024Updated last year
• Kudaes / Shelter

  View on GitHub
  ROP-based sleep obfuscation to evade memory scanners
  ☆375Jun 22, 2025Updated 7 months ago
• 0xTriboulet / Revenant

  View on GitHub
  Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
  ☆389Jul 30, 2024Updated last year
• CICADA8-Research / COMThanasia

  View on GitHub
  A set of programs for analyzing common vulnerabilities in COM
  ☆246Sep 8, 2024Updated last year
• BlWasp / rs-shell

  View on GitHub
  A dirty PoC for a reverse shell with cool features in Rust
  ☆186Nov 25, 2025Updated 2 months ago
• Teach2Breach / Tempest

  View on GitHub
  A command and control framework written in rust.
  ☆385Sep 4, 2025Updated 5 months ago
• ps1337 / Lastenzug

  View on GitHub
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆26Jul 21, 2022Updated 3 years ago
• CICADA8-Research / RemoteKrbRelay

  View on GitHub
  Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
  ☆635May 8, 2025Updated 9 months ago
• Maldev-Academy / Christmas

  View on GitHub
  ☆259Jan 21, 2024Updated 2 years ago
• outflanknl / edr-internals

  View on GitHub
  Tools for analyzing EDR agents
  ☆277Jun 10, 2024Updated last year
• dobin / avred

  View on GitHub
  Analyse your malware to surgically obfuscate it
  ☆517Dec 17, 2025Updated last month
• RedSiege / GraphStrike

  View on GitHub
  Cobalt Strike HTTPS beaconing over Microsoft Graph API
  ☆621Jun 25, 2024Updated last year
• netero1010 / GhostTask

  View on GitHub
  A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
  ☆609Jan 2, 2025Updated last year
• D00Movenok / BounceBack

  View on GitHub
  ↕️🤫 Stealth redirector for your red team operation security
  ☆1,064Jul 6, 2025Updated 7 months ago
• JayGLXR / RustyMirage

  View on GitHub
  A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
  ☆38Mar 6, 2025Updated 11 months ago
• REDMED-X / OperatorsKit

  View on GitHub
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆671Aug 15, 2025Updated 6 months ago
• icyguider / LatLoader

  View on GitHub
  PoC module to demonstrate automated lateral movement with the Havoc C2 framework.
  ☆307Dec 9, 2023Updated 2 years ago
• S3cur3Th1sSh1t / Caro-Kann

  View on GitHub
  Encrypted shellcode Injection to avoid Kernel triggered memory scans
  ☆407Sep 12, 2023Updated 2 years ago
• BlackSnufkin / NyxInvoke

  View on GitHub
  NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…
  ☆231Feb 12, 2025Updated last year
• BC-SECURITY / IronSharpPack

  View on GitHub
  IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…
  ☆118May 2, 2024Updated last year
• VoldeSec / PatchlessInlineExecute-Assembly

  View on GitHub
  Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
  ☆271Apr 17, 2023Updated 2 years ago
• Helixo32 / NimBlackout

  View on GitHub
  Kill AV/EDR leveraging BYOVD attack
  ☆390Jul 11, 2023Updated 2 years ago