Alternatives and similar repositories for havoc-py

Users that are interested in havoc-py are comparing it to the libraries listed below

• HavocFramework / Talon

  View on GitHub
  (Demo) 3rd party agent for Havoc
  ☆147Aug 20, 2023Updated 2 years ago
• CodeXTF2 / PyHmmm

  View on GitHub
  Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …
  ☆86Nov 8, 2023Updated 2 years ago
• HavocFramework / Modules

  View on GitHub
  Modules used by the Havoc Framework
  ☆264Jun 17, 2024Updated last year
• silentwarble / hbin_template

  View on GitHub
  Post-Ex BOF tooling for Hannibal
  ☆24Nov 20, 2024Updated last year
• ThanniKudam / Malware-Development

  View on GitHub
  Just another repository for malware development
  ☆13May 12, 2024Updated last year
• Ghost53574 / havoc_profile_generator

  View on GitHub
  Havoc C2 profile generator
  ☆101Jul 15, 2025Updated 6 months ago
• RSSU-Shellcode / Gleam-RT

  View on GitHub
  A runtime for developing large-scale and complex shellcode.
  ☆22Updated this week
• 0xTriboulet / T-70

  View on GitHub
  A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system
  ☆40Oct 30, 2024Updated last year
• entropy-z / PostEx-Arsenal

  View on GitHub
  Arsenal of modules to beacon postex
  ☆94Nov 30, 2025Updated 2 months ago
• p4p1 / havoc-privkit

  View on GitHub
  a port of privkit bof for havoc
  ☆23Dec 8, 2023Updated 2 years ago
• susMdT / SharpAgent

  View on GitHub
  C# havoc implant
  ☆100Feb 12, 2023Updated 3 years ago
• 0xTriboulet / Revenant

  View on GitHub
  Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
  ☆389Jul 30, 2024Updated last year
• p4p1 / havoc-bloodhound

  View on GitHub
  A GUI wrapper inside of Havoc to interact with bloodhound CE
  ☆70Feb 3, 2024Updated 2 years ago
• attify / zigbee-security-exploitation

  View on GitHub
  This module helps you get started with basic Zigbee analysis, and later on performing additional attacks on the Zigbee protocol.
  ☆12Nov 23, 2016Updated 9 years ago
• TartarusLabs / Expeditus

  View on GitHub
  Expeditus is a loader that executes shellcode on a target Windows system. It combines several offensive techniques in order to attempt to…
  ☆13May 30, 2022Updated 3 years ago
• dmcxblue / PyObscura

  View on GitHub
  A python script that automates a C2 Profile build
  ☆48Dec 14, 2025Updated last month
• Cipher7 / havoc-SauronEye

  View on GitHub
  ☆11Dec 8, 2023Updated 2 years ago
• bettercap / recording

  View on GitHub
  This package allows reading and writing bettercap's session recordings.
  ☆14Apr 8, 2019Updated 6 years ago
• aniko33 / AlcatrazLdr

  View on GitHub
  Evasive shellcode loader with indirect syscalls, Thread name-calling allocation, PoolParty injection
  ☆10Feb 26, 2025Updated 11 months ago
• mochabyte0x / TrampoLatte

  View on GitHub
  A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow
  ☆18Jun 26, 2025Updated 7 months ago
• HulkOperator / AuthStager

  View on GitHub
  ☆59Oct 24, 2024Updated last year
• ProcessusT / SharpVenoma

  View on GitHub
  CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution
  ☆51Apr 22, 2024Updated last year
• Maldev-Academy / HookingLsassForCredentials

  View on GitHub
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆54May 12, 2025Updated 9 months ago
• MythicAgents / Kharon-Mtc

  View on GitHub
  C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…
  ☆196Dec 30, 2025Updated last month
• BishopFox / burpcage

  View on GitHub
  ☆10May 25, 2023Updated 2 years ago
• ChoiSG / havoc2nginx

  View on GitHub
  havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…
  ☆12May 8, 2023Updated 2 years ago
• dmcxblue / NtCreateUserProcessBOF

  View on GitHub
  An Aggressor Script that utilizes NtCreateUserProcess to run binaries
  ☆30Jan 30, 2025Updated last year
• jakobfriedl / havoc-NoPowerShell

  View on GitHub
  Havoc plugin allowing in-memory execution of PowerShell cmdlets
  ☆13Dec 14, 2023Updated 2 years ago
• M507 / nmap-vulnerability-scan-scripts

  View on GitHub
  nmap detection scripts for CVE-2022-45477, CVE-2022-45479, CVE-2022-45482, CVE-2022-45481
  ☆16Apr 19, 2024Updated last year
• 0xG00S3 / Hashbreaker

  View on GitHub
  A modern, web-based GUI for Hashcat that provides an intuitive interface for hash cracking operations, featuring real-time monitoring, pe…
  ☆33Mar 5, 2025Updated 11 months ago
• Cracked5pider / unguard-eat

  View on GitHub
  havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets
  ☆42Aug 6, 2024Updated last year
• froyo75 / docker-evilginx2

  View on GitHub
  Custom Evilginx2 Docker container without any IOCs or Evilginx Eggs..
  ☆14Dec 13, 2021Updated 4 years ago
• 0xMrNiko / RootKit

  View on GitHub
  This repository contains Loadable Kernel Modules (LKM) and LD_PRELOAD-based modules designed for penetration testing, red teaming, and se…
  ☆13Feb 15, 2025Updated 11 months ago
• codewhitesec / daphne

  View on GitHub
  Proof-of-Concept to evade auditd by tampering via ptrace
  ☆18Aug 3, 2023Updated 2 years ago
• Vasco0x4 / SimpleProcessHollowing

  View on GitHub
  simple shellcode injector for Windows / Process Hollowing
  ☆15Jun 26, 2024Updated last year
• p0dalirius / gitea-extract-users

  View on GitHub
  A Python script to extract the list of users of a GiTea instance, unauthenticated or authenticated.
  ☆15Feb 11, 2025Updated last year
• byt3bl33d3r / pyobfuscate

  View on GitHub
  A pyobfuscate fork made specifically to randomize and obfuscate python based payloads
  ☆14Feb 9, 2015Updated 11 years ago
• Azr43lKn1ght / Rust-ProcHollow

  View on GitHub
  Process Hollowing in Rust with Process Executable Relocation Support for both 32 and 64 bit architecture environments.
  ☆22Jan 6, 2025Updated last year
• Teach2Breach / dll2shell

  View on GitHub
  converts sRDI compatible dlls to shellcode
  ☆35Jan 20, 2025Updated last year