Alternatives and similar repositories for AtlasC2

Users that are interested in AtlasC2 are comparing it to the libraries listed below

• Cracked5pider / CoffeeLdr

  View on GitHub
  Beacon Object File Loader
  ☆294Dec 3, 2023Updated 2 years ago
• boku7 / BokuLoader

  View on GitHub
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆1,398Nov 22, 2023Updated 2 years ago
• DragoQCC / CrucibleC2

  View on GitHub
  A C# Command & Control framework
  ☆1,026Mar 28, 2024Updated last year
• pwn1sher / WMEye

  View on GitHub
  WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement
  ☆369Dec 24, 2021Updated 4 years ago
• Hagrid29 / PELoader

  View on GitHub
  PE loader with various shellcode injection techniques
  ☆447Oct 17, 2022Updated 3 years ago
• cube0x0 / KrbRelay

  View on GitHub
  Framework for Kerberos relaying
  ☆939May 29, 2022Updated 3 years ago
• nettitude / RunPE

  View on GitHub
  C# Reflective loader for unmanaged binaries.
  ☆447Jan 25, 2023Updated 3 years ago
• outflanknl / C2-Tool-Collection

  View on GitHub
  A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…
  ☆1,364Oct 27, 2023Updated 2 years ago
• CCob / BOF.NET

  View on GitHub
  A .NET Runtime for Cobalt Strike's Beacon Object Files
  ☆768Sep 4, 2024Updated last year
• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,004Jun 4, 2024Updated last year
• S3cur3Th1sSh1t / MultiPotato

  View on GitHub
  ☆539Nov 20, 2021Updated 4 years ago
• netero1010 / ServiceMove-BOF

  View on GitHub
  New lateral movement technique by abusing Windows Perception Simulation Service to achieve DLL hijacking code execution.
  ☆301Feb 23, 2022Updated 3 years ago
• enkomio / AlanFramework

  View on GitHub
  A C2 post-exploitation framework
  ☆483Jan 24, 2024Updated 2 years ago
• S3cur3Th1sSh1t / SharpImpersonation

  View on GitHub
  A User Impersonation tool - via Token or Shellcode injection
  ☆422May 21, 2022Updated 3 years ago
• improsec / SharpEventPersist

  View on GitHub
  Persistence by writing/reading shellcode from Event Log
  ☆378May 27, 2022Updated 3 years ago
• klezVirus / CandyPotato

  View on GitHub
  Pure C++, weaponized, fully automated implementation of RottenPotatoNG
  ☆313Sep 16, 2021Updated 4 years ago
• icyguider / Nimcrypt2

  View on GitHub
  .NET, PE, & Raw Shellcode Packer/Loader Written in Nim
  ☆813Jan 20, 2023Updated 3 years ago
• boku7 / azureOutlookC2

  View on GitHub
  Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for…
  ☆503May 16, 2023Updated 2 years ago
• klezVirus / inceptor

  View on GitHub
  Template-Driven AV/EDR Evasion Framework
  ☆1,774Nov 3, 2023Updated 2 years ago
• kyleavery / inject-assembly

  View on GitHub
  Inject .NET assemblies into an existing process
  ☆508Jan 19, 2022Updated 4 years ago
• trustedsec / COFFLoader

  View on GitHub
  ☆612Jul 21, 2025Updated 6 months ago
• Tylous / SourcePoint

  View on GitHub
  SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
  ☆1,192Apr 16, 2025Updated 9 months ago
• pwn1sher / uuid-loader

  View on GitHub
  UUID based Shellcode loader for your favorite C2
  ☆86Dec 8, 2021Updated 4 years ago
• REDMED-X / OperatorsKit

  View on GitHub
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆671Aug 15, 2025Updated 5 months ago
• mgeeky / ElusiveMice

  View on GitHub
  Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
  ☆482Jul 12, 2023Updated 2 years ago
• rasta-mouse / CsWhispers

  View on GitHub
  Source generator to add D/Invoke and indirect syscall methods to a C# project.
  ☆186Mar 4, 2024Updated last year
• chvancooten / NimPackt-v1

  View on GitHub
  Nim-based assembly packer and shellcode loader for opsec & profit
  ☆488Feb 24, 2023Updated 2 years ago
• Kudaes / Elevator

  View on GitHub
  UAC bypass by abusing RPC and debug objects.
  ☆629Oct 19, 2023Updated 2 years ago
• adamsvoboda / nim-loader

  View on GitHub
  WIP shellcode loader in nim with EDR evasion techniques
  ☆221Mar 30, 2022Updated 3 years ago
• m3rcer / Chisel-Strike

  View on GitHub
  A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.
  ☆460Mar 25, 2024Updated last year
• DeimosC2 / DeimosC2

  View on GitHub
  DeimosC2 is a Golang command and control framework for post-exploitation.
  ☆1,151Apr 17, 2025Updated 9 months ago
• Cracked5pider / KaynLdr

  View on GitHub
  KaynLdr is a Reflective Loader written in C/ASM
  ☆555Dec 3, 2023Updated 2 years ago
• FuzzySecurity / StandIn

  View on GitHub
  StandIn is a small .NET35/45 AD post-exploitation toolkit
  ☆831Dec 2, 2023Updated 2 years ago
• daem0nc0re / TangledWinExec

  View on GitHub
  PoCs and tools for investigation of Windows process execution techniques
  ☆953Feb 2, 2026Updated last week
• thefLink / RecycledGate

  View on GitHub
  Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll
  ☆498Feb 3, 2022Updated 4 years ago
• JamesCooteUK / SharpSphere

  View on GitHub
  .NET Project for Attacking vCenter
  ☆553Nov 11, 2021Updated 4 years ago
• mai1zhi2 / SharpBeacon

  View on GitHub
  CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon，其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能
  ☆731Sep 1, 2021Updated 4 years ago
• darkr4y / geacon

  View on GitHub
  Practice Go programming and implement CobaltStrike's Beacon in Go
  ☆1,260Oct 2, 2020Updated 5 years ago
• trustedsec / CS_COFFLoader

  View on GitHub
  ☆131Dec 4, 2023Updated 2 years ago