Diverto/IPPrintC2

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Diverto/IPPrintC2)

Diverto / IPPrintC2

PoC for using MS Windows printers for persistence / command and control via Internet Printing

☆150

Alternatives and similar repositories for IPPrintC2

Users that are interested in IPPrintC2 are comparing it to the libraries listed below

Sorting:

d419h / IconJector
View on GitHub
Inject DLLs into the explorer process using icons
☆407May 18, 2025Updated 10 months ago
synacktiv / DLHell
View on GitHub
Local & remote Windows DLL Proxying
☆169Jun 17, 2024Updated last year
vxCrypt0r / Voidgate
View on GitHub
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…
☆592Jun 12, 2024Updated last year
Offensive-Panda / RWX_MEMEORY_HUNT_AND_INJECTION_DV
View on GitHub
Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
☆290May 27, 2024Updated last year
blackarrowsec / Handly
View on GitHub
Abuse leaked token handles.
☆136Dec 14, 2023Updated 2 years ago
Helixo32 / CrimsonEDR
View on GitHub
Simulate the behavior of AV/EDR for malware development training.
☆565Feb 15, 2024Updated 2 years ago
dmcxblue / SharpGhostTask
View on GitHub
A C# port from Invoke-GhostTask
☆120Jan 5, 2024Updated 2 years ago
cybersectroll / TrollDump
View on GitHub
☆84May 19, 2024Updated last year
Mr-Un1k0d3r / .NetConfigLoader
View on GitHub
.net config loader
☆349Nov 9, 2023Updated 2 years ago
florylsk / ExecIT
View on GitHub
Execute shellcode files with rundll32
☆218Jan 28, 2024Updated 2 years ago
a7t0fwa7 / DllDragon
View on GitHub
A simple to use single-include Windows API resolver
☆23Jul 9, 2024Updated last year
0xsp-SRD / MDE_Enum
View on GitHub
comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
☆211Jun 10, 2024Updated last year
maliciousgroup / RDI-SRDI
View on GitHub
This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".
☆87Apr 11, 2023Updated 2 years ago
SafeBreach-Labs / CortexVortex
View on GitHub
☆81Apr 23, 2024Updated last year
kleiton0x00 / Proxy-DLL-Loads
View on GitHub
A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
☆412Jan 11, 2026Updated 2 months ago
weaselsec / ClickOnce-AppDomain-Manager-Injection
View on GitHub
Click Once + App Domain
☆67Feb 23, 2026Updated 3 weeks ago
outflanknl / edr-internals
View on GitHub
Tools for analyzing EDR agents
☆278Jun 10, 2024Updated last year
itaymigdal / LOLSpoof
View on GitHub
An interactive shell to spoof some LOLBins command line
☆188Jan 27, 2024Updated 2 years ago
HulkOperator / AuthStager
View on GitHub
☆59Oct 24, 2024Updated last year
amjcyber / pwnlook
View on GitHub
An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…
☆166Oct 9, 2024Updated last year
Karkas66 / CelestialSpark
View on GitHub
Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
☆103Mar 27, 2025Updated 11 months ago
vxCrypt0r / AMSI_VEH
View on GitHub
A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…
☆169May 30, 2024Updated last year
Octoberfest7 / DropSpawn_BOF
View on GitHub
CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
☆286Jun 8, 2023Updated 2 years ago
rasta-mouse / CsWhispers
View on GitHub
Source generator to add D/Invoke and indirect syscall methods to a C# project.
☆190Mar 4, 2024Updated 2 years ago
georgesotiriadis / Chimera
View on GitHub
Automated DLL Sideloading Tool With EDR Evasion Capabilities
☆505Dec 19, 2023Updated 2 years ago
daddycocoaman / azbelt
View on GitHub
AAD related enumeration in Nim
☆131Sep 7, 2023Updated 2 years ago
Slowerzs / ThievingFox
View on GitHub
☆569Mar 28, 2024Updated last year
CICADA8-Research / RemoteKrbRelay
View on GitHub
Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
☆640May 8, 2025Updated 10 months ago
netero1010 / GhostTask
View on GitHub
A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
☆617Jan 2, 2025Updated last year
MalwareTech / EDRception
View on GitHub
A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
☆204Dec 27, 2023Updated 2 years ago
ZephrFish / ADFSDump-PS
View on GitHub
PowerShell Implementation of ADFSDump to assist with GoldenSAML
☆41Dec 7, 2025Updated 3 months ago
MayerDaniel / profiler-lateral-movement
View on GitHub
Lateral Movement via the .NET Profiler
☆100Nov 21, 2024Updated last year
ipSlav / DirtyCLR
View on GitHub
An App Domain Manager Injection DLL PoC on steroids
☆212Dec 14, 2023Updated 2 years ago
skelsec / evilrdp
View on GitHub
☆307Mar 15, 2025Updated last year
fin3ss3g0d / IoDllProxyLoad
View on GitHub
DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly
☆65Mar 19, 2024Updated 2 years ago
0xEr3bus / RdpStrike
View on GitHub
Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
☆250Jun 11, 2024Updated last year
ricardojoserf / NativeDump
View on GitHub
Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
☆701May 7, 2025Updated 10 months ago
outflanknl / unmanaged-dotnet-patch
View on GitHub
Modify managed functions from unmanaged code
☆53Feb 1, 2024Updated 2 years ago
cybersectroll / SharpPersistSD
View on GitHub
☆91May 15, 2024Updated last year