Alternatives and similar repositories for gopher47

Users that are interested in gopher47 are comparing it to the libraries listed below

• iDigitalFlame / XMT

  View on GitHub
  eXtensiable Malware Toolkit: Full Featured Golang C2 Framework with Awesome Features
  ☆104Dec 17, 2025Updated last month
• timwhitez / Doge-HeapAlloc

  View on GitHub
  ☆14Sep 2, 2021Updated 4 years ago
• SaadAhla / PSpersist

  View on GitHub
  Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell pro…
  ☆86Aug 2, 2023Updated 2 years ago
• akkuman / gSchtasks

  View on GitHub
  windows task scheduler in golang
  ☆29Sep 6, 2021Updated 4 years ago
• f1zm0 / hades

  View on GitHub
  Go shellcode loader that combines multiple evasion techniques
  ☆388Jun 21, 2023Updated 2 years ago
• djackreuter / proc_noprocdump

  View on GitHub
  Dump LSASS by spoofing command line arguments to procdump.
  ☆20Oct 21, 2024Updated last year
• mjwhitta / win

  View on GitHub
  Windows API/constants, identity, and WinHTTP/WinINet for Go.
  ☆19Jan 13, 2026Updated last month
• bohops / DynamicDotNet

  View on GitHub
  A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
  ☆146May 18, 2024Updated last year
• dreamkinn / go-ThreadlessInject

  View on GitHub
  Golang implementation of @CCob's C# ThreadlessInject
  ☆31May 11, 2024Updated last year
• Ne0nd0g / go-clr

  View on GitHub
  A PoC package for hosting the CLR and executing .NET from Go
  ☆78Jul 9, 2024Updated last year
• knightswd / WindowsHackCode

  View on GitHub
  Code with Windows Hacker
  ☆12Oct 14, 2022Updated 3 years ago
• CryptoBreach / UnhookPoC

  View on GitHub
  A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.
  ☆10Dec 16, 2021Updated 4 years ago
• trustedsec / CS_COFFLoader

  View on GitHub
  ☆131Dec 4, 2023Updated 2 years ago
• aus / gopherheaven

  View on GitHub
  Go implementation of the Heaven's Gate technique
  ☆102Feb 11, 2021Updated 5 years ago
• Enelg52 / KittyStager

  View on GitHub
  KittyStager is a simple stage 0 C2. It is made of a web server to host the shellcode and an implant, called kitten. The purpose of this p…
  ☆229Jun 6, 2023Updated 2 years ago
• MythicMeta / MythicContainer

  View on GitHub
  GoLang package for creating Mythic Payload Types, C2 Profiles, Translation Services, WebHook listeners, and Loggers
  ☆23Dec 15, 2025Updated last month
• RistBS / ContextMenuHijack

  View on GitHub
  Execute a payload at each right click on a file/folder in the explorer menu for persistence
  ☆176Mar 15, 2023Updated 2 years ago
• jazzpizazz / BloodHound.py-Kerberos

  View on GitHub
  A Python based ingestor for BloodHound
  ☆85Sep 26, 2022Updated 3 years ago
• f1zm0 / acheron

  View on GitHub
  indirect syscalls for AV/EDR evasion in Go assembly
  ☆365Jun 13, 2023Updated 2 years ago
• SaadAhla / D1rkLdr

  View on GitHub
  Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…
  ☆323Aug 2, 2023Updated 2 years ago
• paranoidninja / Proxy-DLL-Loads

  View on GitHub
  The code is a pingback to the Dark Vortex blog:
  ☆187Jan 26, 2023Updated 3 years ago
• Mr-Un1k0d3r / AMSI-ETW-Patch

  View on GitHub
  Patch AMSI and ETW
  ☆250May 8, 2024Updated last year
• kensh1ro / Willie-C2

  View on GitHub
  A Golang implant that uses Discord as a C2 team server
  ☆65Nov 28, 2024Updated last year
• MartinIngesen / TokenStomp

  View on GitHub
  C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic
  ☆145Feb 23, 2022Updated 3 years ago
• sairson / WebGuard

  View on GitHub
  WebGuard是根据 风起师傅的RedGuard 和 mgeeky师傅的RedWarden结合出来的http请求过滤器go包，亦在帮助采用go编写C2 http监听器做流量过滤和规则匹配
  ☆29Jun 26, 2022Updated 3 years ago
• memN0ps / venom-rs

  View on GitHub
  Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)
  ☆360Mar 2, 2024Updated last year
• Mav3rick33 / ZenLdr

  View on GitHub
  Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature
  ☆101Feb 28, 2023Updated 2 years ago
• deepinstinct / AMSI-Unchained

  View on GitHub
  Unchain AMSI by patching the provider’s unmonitored memory space
  ☆91Nov 24, 2022Updated 3 years ago
• ZeroMemoryEx / Tokenizer

  View on GitHub
  Kernel Mode Driver for Elevating Process Privileges
  ☆134Mar 23, 2023Updated 2 years ago
• CodeXTF2 / HavocNotion

  View on GitHub
  A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …
  ☆91Oct 10, 2022Updated 3 years ago
• praetorian-inc / INTRACTABLEGIRAFFE

  View on GitHub
  A Proof of Concept Rootkit Demonstrating Keylogging and Virtual File System (VFS) Capabilities
  ☆76Sep 21, 2022Updated 3 years ago
• LethalSnake1337 / PE-Loader-exercise

  View on GitHub
  A simple PE loader.
  ☆27Dec 9, 2022Updated 3 years ago
• Wh04m1001 / RazerEoP

  View on GitHub
  ☆27Jan 9, 2023Updated 3 years ago
• timwhitez / Doge-Misc

  View on GitHub
  杂 物 收 纳
  ☆15Aug 4, 2023Updated 2 years ago
• eversinc33 / Talks

  View on GitHub
  Repository for slide decks of public talks I've given.
  ☆14Apr 23, 2023Updated 2 years ago
• DamonMohammadbagher / NativePayloads

  View on GitHub
  All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming
  ☆234Oct 8, 2024Updated last year
• rkbennett / pyThreadlessInject

  View on GitHub
  A python port of CCob's ThreadlessInject
  ☆25Mar 18, 2023Updated 2 years ago
• timwhitez / Doge-MemX

  View on GitHub
  Golang implementation of Reflective load PE from memory
  ☆64Jan 10, 2022Updated 4 years ago
• 0xTriboulet / Revenant

  View on GitHub
  Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
  ☆389Jul 30, 2024Updated last year