Alternatives and similar repositories for AtlasC2

Users that are interested in AtlasC2 are comparing it to the libraries listed below

• cube0x0 / MiniDump
  C# Lsass parser
  ☆295Updated 3 years ago
• S3cur3Th1sSh1t / SharpNamedPipePTH
  Pass the Hash to a named pipe for token Impersonation
  ☆302Updated last year
• m3rcer / Chisel-Strike
  A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.
  ☆454Updated last year
• netero1010 / ScheduleRunner
  A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation
  ☆344Updated 5 months ago
• N4kedTurtle / PersistBOF
  A BOF to automate common persistence tasks for red teamers
  ☆279Updated 2 years ago
• passthehashbrowns / SharpRDPThief
  A C# implementation of RDPThief to steal credentials from RDP.
  ☆163Updated 4 years ago
• CCob / MirrorDump
  Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…
  ☆265Updated 4 years ago
• plackyhacker / Suspended-Thread-Injection
  Another meterpreter injection technique using C# that attempts to bypass Defender
  ☆258Updated 3 years ago
• RikunjSindhwad / MSSQL-Attacker
  MSSQL Database Attacker tool
  ☆189Updated 2 years ago
• ShutdownRepo / ShadowCoerce
  MS-FSRVP coercion abuse PoC
  ☆291Updated 3 years ago
• Cerbersec / KillDefenderBOF
  Beacon Object File PoC implementation of KillDefender
  ☆227Updated 3 years ago
• mlcsec / SharpSQL
  Simple C# implementation of PowerUpSQL
  ☆95Updated 11 months ago
• cube0x0 / SharpSystemTriggers
  Collection of remote authentication triggers in C#
  ☆493Updated last year
• netero1010 / RDPHijack-BOF
  Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking.
  ☆302Updated 2 years ago
• boh / RedCsharp
  Collection of C# projects. Useful for pentesting and redteaming.
  ☆308Updated last year
• rasta-mouse / DInvoke
  Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke.
  ☆161Updated last year
• boku7 / injectAmsiBypass
  Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
  ☆379Updated 2 years ago
• Flangvik / SharpProxyLogon
  C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection
  ☆245Updated 4 years ago
• aniqfakhrul / Sharperner
  Simple executable generator with encrypted shellcode.
  ☆282Updated 2 years ago
• Mr-Un1k0d3r / ADHuntTool
  official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)
  ☆233Updated 3 years ago
• Flangvik / DLLSideloader
  PowerShell script to generate "proxy" counterparts to easily perform DLL Sideloading
  ☆125Updated 5 years ago
• boku7 / spawn
  Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…
  ☆461Updated 2 years ago
• mdsecactivebreach / DragonCastle
  A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.
  ☆299Updated 2 years ago
• VirtualAlllocEx / Create-Thread-Shellcode-Fetcher
  This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and down…
  ☆247Updated 2 years ago
• HavocFramework / Talon
  (Demo) 3rd party agent for Havoc
  ☆139Updated last year
• bugch3ck / SharpEfsPotato
  Local privilege escalation from SeImpersonatePrivilege using EfsRpc.
  ☆325Updated 2 years ago
• shantanu561993 / SharpLoginPrompt
  ☆135Updated 4 years ago
• adamsvoboda / nim-loader
  WIP shellcode loader in nim with EDR evasion techniques
  ☆217Updated 3 years ago
• 0xthirteen / SharpMove
  .NET Project for performing Authenticated Remote Execution
  ☆398Updated 2 years ago
• MzHmO / psexec_noinstall
  Repository contains psexec, which will help to exploit the forgotten pipe
  ☆171Updated 7 months ago