Alternatives and similar repositories for nrat

Users that are interested in nrat are comparing it to the libraries listed below

• florylsk / NtDump
  Indirect NT syscalls LSASS dumper.
  ☆46Updated 2 years ago
• D00Movenok / goMalleable
  🔎🪲 Malleable C2 profiles parser and assembler written in golang
  ☆66Updated last year
• Arr3stY0u / geacon_plus
  CobaltStrike beacon written in golang
  ☆27Updated 2 years ago
• gavz / ExplorerPersist
  Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when …
  ☆85Updated 2 years ago
• EvilBytecode / Nyx-Full-Dll-Unhook
  (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.
  ☆39Updated 2 months ago
• jm33-m0 / go-lpe
  A collection of weaponized LPE exploits written in Go
  ☆53Updated 6 months ago
• Ne0nd0g / merlin-cli
  gRPC client for the Merlin Server
  ☆22Updated 3 months ago
• tijme / kernel-mii
  Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.
  ☆83Updated 2 years ago
• Binject / exec2shell
  Extracts TEXT section of a PE, ELF, or Mach-O executable to shellcode
  ☆104Updated 2 years ago
• WKL-Sec / Winsocky
  Winsocket for Cobalt Strike.
  ☆99Updated 2 years ago
• almounah / GoDroplets
  Go Shellcode Loader to be Integrated in Exploration C2
  ☆27Updated 6 months ago
• S3cur3Th1sSh1t / Sharp-HackBrowserData
  C# binary with embeded golang hack-browser-data
  ☆98Updated 3 years ago
• netero1010 / ClipboardHistoryThief
  POC tool to extract all persistent clipboard history data from clipboard service process memory
  ☆47Updated last year
• BronzeTicket / ClipboardWindow-Inject
  CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback
  ☆68Updated 2 years ago
• ProcessusT / SharpVenoma
  CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution
  ☆48Updated last year
• 7h3w4lk3r / Kill-Floor
  AV/EDR killer using BYOVD technique
  ☆33Updated 10 months ago
• c3r3br4t3 / ShadowRDP
  ☆73Updated last year
• wabzsy / gonut
  Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.
  ☆59Updated 2 years ago
• weaselsec / GodPotato-Aggressor-Script
  ☆89Updated last year
• mrLochness350 / Libload-Reflective
  ☆13Updated 5 months ago
• akkuman / gSigFlip
  A SigFlip implement in golang
  ☆47Updated 3 years ago
• qwqdanchun / ScreenShot-BOF
  ☆42Updated 2 years ago
• timwhitez / Doge-BlockDLLs
  Preventing 3rd Party DLLs from Injecting into your Malware
  ☆25Updated 3 years ago
• MaorSabag / interactive-execute-shellcode
  A simple PoC of injection shellcode into a remote process and get the output using namepipe
  ☆43Updated last year
• truonghuuphuc / CVE-2024-39943-Poc
  CVE-2024-39943 rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authen…
  ☆19Updated last year
• EvilBytecode / Ebyte-AMSI-ProxyInjector
  A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…
  ☆46Updated 2 months ago
• EvilBytecode / Enable-All-Tokens
  Enable-All-Tokens is a Go-based project designed to adjust and enable a list of specified privileges for the current process token on a W…
  ☆10Updated 3 months ago
• rashbx1 / RTO_Aggressor_Script
  Cobalt Strike Aggressor script create for RTO
  ☆15Updated last year
• l0n3m4n / bin2shell
  Convert binaries to shellcode (C, C#, CPP, ASM, BOF loader, PS to b64)
  ☆15Updated 2 months ago
• BlackINT3 / RedKits
  Cyber Security Reseraching and RedTeam Kits Code
  ☆39Updated 2 years ago