Alternatives and similar repositories for CrucibleC2

Users that are interested in CrucibleC2 are comparing it to the libraries listed below

• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,004Jun 4, 2024Updated last year
• Octoberfest7 / Inline-Execute-PE

  View on GitHub
  Execute unmanaged Windows executables in CobaltStrike Beacons
  ☆714Mar 4, 2023Updated 2 years ago
• WKL-Sec / HiddenDesktop

  View on GitHub
  HVNC for Cobalt Strike
  ☆1,297Dec 7, 2023Updated 2 years ago
• lem0nSec / ShellGhost

  View on GitHub
  A memory-based evasion technique which makes shellcode invisible from process start to end.
  ☆1,199Oct 16, 2023Updated 2 years ago
• outflanknl / C2-Tool-Collection

  View on GitHub
  A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…
  ☆1,364Oct 27, 2023Updated 2 years ago
• rasta-mouse / SharpC2

  View on GitHub
  Command and Control Framework written in C#
  ☆427Jul 27, 2023Updated 2 years ago
• boku7 / BokuLoader

  View on GitHub
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆1,398Nov 22, 2023Updated 2 years ago
• fortra / No-Consolation

  View on GitHub
  A BOF that runs unmanaged PEs inline
  ☆678Oct 23, 2024Updated last year
• CCob / ThreadlessInject

  View on GitHub
  Threadless Process Injection using remote function hooking.
  ☆808Sep 4, 2024Updated last year
• Accenture / Spartacus

  View on GitHub
  Spartacus DLL/COM Hijacking Toolkit
  ☆1,083Feb 1, 2024Updated 2 years ago
• XiaoliChan / wmiexec-Pro

  View on GitHub
  New generation of wmiexec.py
  ☆1,255Jan 5, 2026Updated last month
• ZeroMemoryEx / Blackout

  View on GitHub
  kill anti-malware protected processes ( BYOVD )
  ☆970Jul 21, 2023Updated 2 years ago
• netero1010 / GhostTask

  View on GitHub
  A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
  ☆609Jan 2, 2025Updated last year
• fortra / nanodump

  View on GitHub
  The swiss army knife of LSASS dumping
  ☆2,069Sep 17, 2024Updated last year
• daem0nc0re / TangledWinExec

  View on GitHub
  PoCs and tools for investigation of Windows process execution techniques
  ☆953Feb 2, 2026Updated last week
• trustedsec / CS-Remote-OPs-BOF

  View on GitHub
  ☆1,117Jan 6, 2026Updated last month
• REDMED-X / OperatorsKit

  View on GitHub
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆671Aug 15, 2025Updated 5 months ago
• HavocFramework / Havoc

  View on GitHub
  The Havoc Framework
  ☆8,158Dec 18, 2025Updated last month
• Idov31 / Nidhogg

  View on GitHub
  Nidhogg is an all-in-one simple to use windows kernel rootkit.
  ☆2,202Feb 1, 2026Updated last week
• wikiZ / RedGuard

  View on GitHub
  RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.
  ☆1,562Aug 20, 2024Updated last year
• optiv / Freeze

  View on GitHub
  Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
  ☆1,470Aug 18, 2023Updated 2 years ago
• ZeroMemoryEx / Terminator

  View on GitHub
  Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
  ☆1,040Jun 20, 2023Updated 2 years ago
• trustedsec / CS-Situational-Awareness-BOF

  View on GitHub
  Situational Awareness commands implemented using Beacon Object Files
  ☆1,709Jan 5, 2026Updated last month
• ZeroMemoryEx / Amsi-Killer

  View on GitHub
  Lifetime AMSI bypass
  ☆670Sep 26, 2023Updated 2 years ago
• Octoberfest7 / DropSpawn_BOF

  View on GitHub
  CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
  ☆285Jun 8, 2023Updated 2 years ago
• 0xb11a1 / yetAnotherObfuscator

  View on GitHub
  C# obfuscator that bypass windows defender
  ☆801Jun 4, 2023Updated 2 years ago
• nickvourd / Supernova

  View on GitHub
  Real fucking shellcode encryptor & obfuscator tool
  ☆1,012Jan 7, 2026Updated last month
• decoder-it / LocalPotato

  View on GitHub
  ☆705Nov 7, 2023Updated 2 years ago
• naksyn / Pyramid

  View on GitHub
  a tool to help operate in EDRs' blind spots
  ☆769Dec 2, 2024Updated last year
• reveng007 / DarkWidow

  View on GitHub
  Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
  ☆772Jan 26, 2026Updated 2 weeks ago
• 0xTriboulet / Revenant

  View on GitHub
  Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
  ☆389Jul 30, 2024Updated last year
• CCob / BOF.NET

  View on GitHub
  A .NET Runtime for Cobalt Strike's Beacon Object Files
  ☆768Sep 4, 2024Updated last year
• optiv / ScareCrow

  View on GitHub
  ScareCrow - Payload creation framework designed around EDR bypass.
  ☆2,869Aug 18, 2023Updated 2 years ago
• georgesotiriadis / Chimera

  View on GitHub
  Automated DLL Sideloading Tool With EDR Evasion Capabilities
  ☆502Dec 19, 2023Updated 2 years ago
• Tylous / SourcePoint

  View on GitHub
  SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
  ☆1,192Apr 16, 2025Updated 9 months ago
• grimlockx / ADCSKiller

  View on GitHub
  An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
  ☆738May 19, 2023Updated 2 years ago
• SaadAhla / FilelessPELoader

  View on GitHub
  Loading Remote AES Encrypted PE in memory , Decrypted it and run it
  ☆1,021Aug 29, 2023Updated 2 years ago
• chvancooten / NimPlant

  View on GitHub
  A light-weight first-stage C2 implant written in Nim (and Rust).
  ☆933Mar 28, 2025Updated 10 months ago
• icyguider / Nimcrypt2

  View on GitHub
  .NET, PE, & Raw Shellcode Packer/Loader Written in Nim
  ☆813Jan 20, 2023Updated 3 years ago