Alternatives and similar repositories for AuthStager

Users that are interested in AuthStager are comparing it to the libraries listed below

• Offensive-Panda / .NET_PROFILER_DLL_LOADING
  .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…
  ☆46Updated last year
• nickvourd / Rocabella
  Sniffing files generator
  ☆59Updated 9 months ago
• xelemental / Mal-LNK-Generator
  ☆38Updated 8 months ago
• Bl4ckM1rror / PEAs
  ☆61Updated 2 years ago
• fin3ss3g0d / NativeThreadpool
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆88Updated last year
• PShlyundin / TimeSync
  Tool to obtain hash using MS-SNTP for user accounts
  ☆27Updated 11 months ago
• MrAle98 / psinline
  in-process powershell runner for BRC4
  ☆48Updated 2 years ago
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated last year
• jfjallid / go-lsass
  Tool to aid in dumping LSASS process remotely
  ☆42Updated 2 months ago
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆44Updated last year
• 0xv1n / Havoc-ProfileGenerator
  malleable profile generator GUI for Havoc
  ☆54Updated 2 years ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆52Updated 4 months ago
• cybersectroll / TrollDump
  ☆82Updated last year
• Karkas66 / EarlyCascadeImprooved
  an Improoved Version of 0xNinjaCyclone´s EarlyCascade Code
  ☆22Updated 10 months ago
• 0xbad53c / OffSecOps-Arsenal
  Aggressor script to automatically download and load an arsenal of open source and private Cobalt Strike tooling.
  ☆44Updated last year
• nbaertsch / PoolProxy
  Proxy function calls through the thread pool with ease
  ☆31Updated 9 months ago
• decoder-it / DFSCoerce-exe-2
  DFSCoerce exe revisited version with custom authentication
  ☆41Updated last year
• 0xB455 / ActiveSyncBruter
  ☆26Updated 9 months ago
• 0xEr3bus / ShadowForgeC2
  ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.
  ☆51Updated 2 years ago
• OffenseTeacher / Steganim
  ☆47Updated 2 years ago
• ZephrFish / ADFSDump-PS
  PowerShell Implementation of ADFSDump to assist with GoldenSAML
  ☆37Updated 2 weeks ago
• Patrick0x41 / BOF_All_Things
  Beacon Object Files (BOF) for Cobalt Strike.
  ☆32Updated last year
• tijme / conferences
  Some of the presentations, workshops, and labs I gave at public conferences.
  ☆34Updated last month
• thiagopeixoto / mystique-self-injection
  An improvement and a different approach to Mockingjay Self-Injection.
  ☆35Updated last year
• kapellos / LNKSmuggler
  A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.
  ☆89Updated 11 months ago
• patrickt2017 / VEHNetLoader
  Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies
  ☆49Updated 5 months ago
• EspressoCake / DefenderPathExclusions
  Creation and removal of Defender path exclusions and exceptions in C#.
  ☆32Updated 2 years ago
• dis0rder0x00 / stillepost
  Using Chromium-based browsers as a proxy for C2 traffic.
  ☆116Updated 2 weeks ago
• 0xthirteen / rpc2wc
  RPC to WebClient startup
  ☆53Updated 4 months ago
• casp3r0x0 / CortexRansomBypass
  Cortex EDR Ransomware protection Bypass
  ☆25Updated 10 months ago