Alternatives and similar repositories for Extension-Kit

Users that are interested in Extension-Kit are comparing it to the libraries listed below

• 0xEr3bus / RdpStrike
  Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
  ☆241Updated last year
• mertdas / SharpIncrease
  A Tool that aims to evade av with binary padding
  ☆152Updated 11 months ago
• EricEsquivel / Inline-EA
  Cobalt Strike BOF for evasive .NET assembly execution
  ☆257Updated 2 months ago
• maxDcb / C2TeamServer
  TeamServer and Client of Exploration Command and Control Framework
  ☆131Updated 3 weeks ago
• decoder-it / ADCSCoercePotato
  ☆226Updated last year
• VoldeSec / PatchlessInlineExecute-Assembly
  Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
  ☆238Updated 2 years ago
• sokaRepo / CoercedPotatoRDLL
  Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege
  ☆206Updated last year
• Ghost53574 / havoc_profile_generator
  Havoc C2 profile generator
  ☆90Updated 8 months ago
• ScriptIdiot / BOF-patchit
  An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are a…
  ☆135Updated 2 years ago
• Ridter / atexec-pro
  Fileless atexec, no more need for port 445
  ☆386Updated last year
• mverschu / CVE-2025-33073
  PoC Exploit for the NTLM reflection SMB flaw.
  ☆347Updated last week
• Octoberfest7 / DropSpawn_BOF
  CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
  ☆269Updated 2 years ago
• Meowmycks / koneko
  Robust Cobalt Strike shellcode loader with multiple advanced evasion features
  ☆163Updated 2 months ago
• rweijnen / createdump
  Leverage WindowsApp createdump tool to obtain an lsass dump
  ☆150Updated 9 months ago
• nickvourd / CS-Aggressor-Kit
  Homemade Aggressor scripts kit for Cobalt Strike
  ☆67Updated 3 months ago
• rasta-mouse / process-inject-kit
  Port of Cobalt Strike's Process Inject Kit
  ☆180Updated 6 months ago
• zyn3rgy / smbtakeover
  BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
  ☆305Updated 7 months ago
• Mr-Un1k0d3r / Elevate-System-Trusted-BOF
  ☆158Updated 2 years ago
• Hagrid29 / DuplicateDump
  Dumping LSASS with a duplicated handle from custom LSA plugin
  ☆201Updated 3 years ago
• MythicAgents / Xenon
  A Mythic agent for Windows written in C
  ☆126Updated 3 weeks ago
• CBLabresearch / Clematis
  PE to shellcode
  ☆218Updated 5 months ago
• tijme / cmstplua-uac-bypass
  Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.
  ☆185Updated 2 years ago
• je5442804 / WPTaskScheduler_CVE-2024-49039
  WPTaskScheduler RPC Persistence & CVE-2024-49039 via Task Scheduler
  ☆121Updated 7 months ago
• NtDallas / MemLoader
  Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible
  ☆90Updated this week
• Octoberfest7 / CVE-2023-36874_BOF
  Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE
  ☆206Updated last year
• senzee1984 / InflativeLoading
  Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.
  ☆313Updated last year
• F4l13n5n0w / sn0wldr
  This project is an AES loader for c2 shellcode
  ☆29Updated last year
• wsummerhill / CobaltStrike_BOF_Collections
  Useful Cobalt Strike BOFs found or used during engagements
  ☆140Updated last year
• Tw1sm / SQL-BOF
  Library of BOFs to interact with SQL servers
  ☆182Updated 2 months ago
• v1k1ngfr / fuegoshell
  Fuegoshell is a powershell oneliner generator for Windows remote shell re-using TCP 445
  ☆54Updated last year