Alternatives and similar repositories for IllusiveFog

Users that are interested in IllusiveFog are comparing it to the libraries listed below

• mr-r3bot / bof-modules

  View on GitHub
  BOF for C2 framework
  ☆44Nov 9, 2024Updated last year
• trickster0 / NamelessC2

  View on GitHub
  Nameless C2 - A C2 with all its components written in Rust
  ☆282Sep 26, 2024Updated last year
• jsecu / ModTask

  View on GitHub
  ☆53Sep 23, 2025Updated 4 months ago
• NtDallas / Svartalfheim

  View on GitHub
  Stage 0
  ☆169Dec 18, 2024Updated last year
• c2pain / RustBird

  View on GitHub
  Early Bird APC Injection in Rust
  ☆63Oct 9, 2024Updated last year
• Teach2Breach / rpeloader

  View on GitHub
  use python on windows with full submodule support without installation
  ☆30Jan 23, 2025Updated last year
• paranoidninja / BRC4-BOF-Artillery

  View on GitHub
  ☆146Nov 6, 2025Updated 3 months ago
• Offensive-Panda / WPM-MAJIC-ENTRY-POINT-INJECTION

  View on GitHub
  This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…
  ☆18Oct 31, 2024Updated last year
• Teach2Breach / snapinject_rs

  View on GitHub
  A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …
  ☆50Jan 25, 2025Updated last year
• EspressoCake / ADIDNS_Parser

  View on GitHub
  Parser and reconciliation tooling for large Active Directory environments.
  ☆33Feb 18, 2025Updated 11 months ago
• amjcyber / pwnlook

  View on GitHub
  An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…
  ☆166Oct 9, 2024Updated last year
• strozfriedberg / DUALITY

  View on GitHub
  ☆18Feb 29, 2024Updated last year
• rasta-mouse / PPEnum

  View on GitHub
  Simple BOF to read the protection level of a process
  ☆118May 10, 2023Updated 2 years ago
• 0xHossam / HuffLoader

  View on GitHub
  Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.
  ☆282Apr 6, 2025Updated 10 months ago
• BlackSnufkin / NyxInvoke

  View on GitHub
  NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…
  ☆231Feb 12, 2025Updated last year
• fin3ss3g0d / StoneKeeper

  View on GitHub
  StoneKeeper C2, an experimental EDR evasion framework for research purposes
  ☆208Dec 25, 2024Updated last year
• FalconForceTeam / bof-winrm-plugin-jump

  View on GitHub
  ☆33Jan 23, 2025Updated last year
• kozmer / aad-bofs

  View on GitHub
  ☆137Nov 17, 2025Updated 3 months ago
• voidvxvi / HellBunny

  View on GitHub
  Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
  ☆136Dec 22, 2024Updated last year
• HulkOperator / AuthStager

  View on GitHub
  ☆59Oct 24, 2024Updated last year
• dmcxblue / SharpGhostTask

  View on GitHub
  A C# port from Invoke-GhostTask
  ☆119Jan 5, 2024Updated 2 years ago
• MaangoTaachyon / SelfDeletion-Updated

  View on GitHub
  Updated version of a long known self deletion technique to work with 24H2.
  ☆61Jun 9, 2025Updated 8 months ago
• nixpal / shellsilo

  View on GitHub
  SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the proce…
  ☆154Aug 4, 2025Updated 6 months ago
• Mayyhem / Maestro

  View on GitHub
  Abusing Azure services over C2
  ☆368Jan 20, 2026Updated 3 weeks ago
• G0ldenGunSec / SCCM_SQL_Collector

  View on GitHub
  PoC script to demonstrate collection of SCCM attack paths that can be viewed in BH with OpenGraph
  ☆24Aug 2, 2025Updated 6 months ago
• CroodSolutions / BypassIT

  View on GitHub
  BypassIT is a framework for covert malware delivery and post-exploitation using AutoIT for red / blue team self assessment.
  ☆45Jul 6, 2025Updated 7 months ago
• fin3ss3g0d / IoDllProxyLoad

  View on GitHub
  DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly
  ☆63Mar 19, 2024Updated last year
• SpecterOps / cred1py

  View on GitHub
  A Python POC for CRED1 over SOCKS5
  ☆164Oct 5, 2024Updated last year
• KingOfTheNOPs / Get-NetNTLM

  View on GitHub
  Internal Monologue BOF
  ☆79Dec 28, 2024Updated last year
• tijme / nimplant-beacon-position-independent-c-code

  View on GitHub
  A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.
  ☆66Feb 11, 2025Updated last year
• outflanknl / unmanaged-dotnet-patch

  View on GitHub
  Modify managed functions from unmanaged code
  ☆53Feb 1, 2024Updated 2 years ago
• Und3rf10w / CobaltStrikeBOFs

  View on GitHub
  Beacon Object Files used for Cobalt Strike
  ☆19Jul 18, 2023Updated 2 years ago
• susMdT / clr-thing

  View on GitHub
  rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.
  ☆17Jan 6, 2024Updated 2 years ago
• SilvestriF3 / Passworld

  View on GitHub
  Passworld is a fully customizable wordlist generator
  ☆16Sep 13, 2024Updated last year
• melotic / nanostorm

  View on GitHub
  An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.
  ☆21Dec 15, 2024Updated last year
• passtheticket / CVE-2024-38200

  View on GitHub
  CVE-2024-38200 & CVE-2024-43609 - Microsoft Office NTLMv2 Disclosure Vulnerability
  ☆146Jan 13, 2025Updated last year
• Karkas66 / CelestialSpark

  View on GitHub
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆103Mar 27, 2025Updated 10 months ago
• Offensive-Panda / .NET_PROFILER_DLL_LOADING

  View on GitHub
  .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…
  ☆46Jul 29, 2024Updated last year
• susMdT / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆52Dec 4, 2023Updated 2 years ago