Alternatives and similar repositories for AdaptixC2:

Users that are interested in AdaptixC2 are comparing it to the libraries listed below

• Xre0uS / MultiDump
  MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
  ☆508Updated this week
• lypd0 / DeadPotato
  DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYS…
  ☆378Updated 7 months ago
• Offensive-Panda / ShadowDumper
  Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advance…
  ☆514Updated last month
• Maldev-Academy / ExecutePeFromPngViaLNK
  Extract and execute a PE embedded within a PNG file using an LNK file.
  ☆395Updated 5 months ago
• vxCrypt0r / Voidgate
  A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…
  ☆511Updated 9 months ago
• rad9800 / BootExecuteEDR
  ☆352Updated 3 months ago
• Meowmycks / LetMeowIn
  A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.
  ☆394Updated 8 months ago
• CICADA8-Research / RemoteKrbRelay
  Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
  ☆567Updated 9 months ago
• ricardojoserf / TrickDump
  Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
  ☆438Updated last month
• cpu0x00 / Ghost
  Evasive shellcode loader
  ☆351Updated 5 months ago
• icyguider / UAC-BOF-Bonanza
  Collection of UAC Bypass Techniques Weaponized as BOFs
  ☆490Updated last year
• senzee1984 / InflativeLoading
  Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.
  ☆305Updated 11 months ago
• matro7sh / myph
  shellcode loader for your evasion needs
  ☆317Updated 4 months ago
• WKL-Sec / Malleable-CS-Profiles
  A list of python tools to help create an OPSEC-safe Cobalt Strike profile.
  ☆413Updated last year
• safedv / RustPotato
  A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…
  ☆256Updated 2 months ago
• RedSiege / GraphStrike
  Cobalt Strike HTTPS beaconing over Microsoft Graph API
  ☆579Updated 9 months ago
• EvilBytecode / EDR-XDR-AV-Killer
  Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver
  ☆266Updated last week
• 0x6rss / CVE-2025-24071_PoC
  CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File
  ☆202Updated last week
• MzHmO / LeakedWallpaper
  Leak of any user's NetNTLM hash. Fixed in KB5040434
  ☆252Updated 7 months ago
• Ridter / atexec-pro
  Fileless atexec, no more need for port 445
  ☆363Updated last year
• senzee1984 / EDRPrison
  Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry
  ☆396Updated 8 months ago
• N1k0la-T / CVE-2023-36745
  ☆162Updated last year
• hackvens / CoercedPotato
  ☆228Updated 4 months ago
• CICADA8-Research / Spyndicapped
  COM ViewLogger — new malware keylogging technique
  ☆348Updated 2 months ago
• REDMED-X / OperatorsKit
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆571Updated 8 months ago
• MrAle98 / CVE-2024-49138-POC
  POC exploit for CVE-2024-49138
  ☆246Updated last month
• wh0amitz / PetitPotato
  Local privilege escalation via PetitPotam (Abusing impersonate privileges).
  ☆426Updated 2 years ago
• tylerdotrar / SigmaPotato
  SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection s…
  ☆311Updated 10 months ago
• wh0amitz / S4UTomato
  Escalate Service Account To LocalSystem via Kerberos
  ☆393Updated last year
• kyxiaxiang / Beacon_Source
  not a reverse-engineered version of the Cobalt Strike Beacon
  ☆355Updated last year