HullaBrian/COMmander external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

HullaBrian/COMmander

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/HullaBrian/COMmander)

Close

HullaBrian / COMmanderView on GitHubMore

• External links
• Readme badge

.NET tool used to enrich RPC telemetry

☆101Jan 24, 2026Updated last month

Alternatives and similar repositories for COMmander

Users that are interested in COMmander are comparing it to the libraries listed below

• mannyfred / MentalTi

  View on GitHub
  Mentally ill EtwTi parser
  ☆69Jan 11, 2026Updated 2 months ago
• ricardojoserf / SharpObfuscate

  View on GitHub
  Obfuscate payloads using IPv4, IPv6, MAC or UUID strings
  ☆23Feb 17, 2024Updated 2 years ago
• boku7 / patchwerk

  View on GitHub
  BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)
  ☆195Feb 6, 2025Updated last year
• deepinstinct / DCOMUploadExec

  View on GitHub
  DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely
  ☆384Dec 13, 2024Updated last year
• Mayyhem / Maestro

  View on GitHub
  Abusing Azure services over C2
  ☆367Jan 20, 2026Updated 2 months ago
• outflanknl / edr-internals

  View on GitHub
  Tools for analyzing EDR agents
  ☆278Jun 10, 2024Updated last year
• decoder-it / RelabelAbuse

  View on GitHub
  ☆63May 31, 2024Updated last year
• synacktiv / GroupPolicyBackdoor

  View on GitHub
  Group Policy Objects manipulation and exploitation framework
  ☆298Dec 7, 2025Updated 3 months ago
• trustedsec / Titanis

  View on GitHub
  Windows protocol library, including SMB and RPC implementations, among others.
  ☆688Mar 9, 2026Updated last week
• ricardojoserf / TrickDump

  View on GitHub
  Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
  ☆541May 9, 2025Updated 10 months ago
• NetSPI / BOF-PE

  View on GitHub
  An example reference design for a proposed BOF PE
  ☆204Jan 23, 2026Updated last month
• quarkslab / proxyblob

  View on GitHub
  SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.
  ☆314Feb 16, 2026Updated last month
• kleiton0x00 / Proxy-DLL-Loads

  View on GitHub
  A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
  ☆412Jan 11, 2026Updated 2 months ago
• OtterHacker / OktaGinx

  View on GitHub
  ☆60Jun 2, 2025Updated 9 months ago
• 0xv1n / RemoteSessionEnum

  View on GitHub
  Remotely Enumerate sessions using undocumented Windows Station APIs
  ☆117Aug 21, 2024Updated last year
• 3lp4tr0n / RemoteMonologue

  View on GitHub
  Weaponizing DCOM for NTLM Authentication Coercions
  ☆199Nov 4, 2025Updated 4 months ago
• dmcxblue / Claude-C2

  View on GitHub
  Utilizng an MCP Server to communicate with your C2
  ☆86May 15, 2025Updated 10 months ago
• RedTeamPentesting / keycred

  View on GitHub
  Generate and Manage KeyCredentialLinks
  ☆253Mar 9, 2026Updated last week
• logangoins / Stifle

  View on GitHub
  .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS
  ☆150Feb 10, 2025Updated last year
• 0xsp-SRD / MDE_Enum

  View on GitHub
  comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
  ☆211Jun 10, 2024Updated last year
• Leo4j / Invoke-SessionHunter

  View on GitHub
  Retrieve and display information about active user sessions on remote computers. No admin privileges required.
  ☆207Aug 12, 2024Updated last year
• FalconForceTeam / bof-winrm-client

  View on GitHub
  ☆127Jan 23, 2025Updated last year
• rtecCyberSec / BitlockMove

  View on GitHub
  Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking
  ☆438Jun 27, 2025Updated 8 months ago
• TheManticoreProject / Delegations

  View on GitHub
  A tool to work with all types of Kerberos delegations (unconstrained, constrained, and resource-based constrained delegations) in Active …
  ☆215Jan 12, 2026Updated 2 months ago
• Maldev-Academy / Alphabetfuscation

  View on GitHub
  Convert your shellcode into an ASCII string
  ☆127Jun 27, 2025Updated 8 months ago
• jdu2600 / CFG-FindHiddenShellcode

  View on GitHub
  Walks the CFG bitmap to find previously executable but currently hidden shellcode regions
  ☆133May 17, 2023Updated 2 years ago
• AlteredSecurity / Disable-TamperProtection

  View on GitHub
  A POC to disable TamperProtection and other Defender / MDE components
  ☆255Jun 6, 2024Updated last year
• warpnet / MS-RPC-Fuzzer

  View on GitHub
  Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…
  ☆326Oct 20, 2025Updated 5 months ago
• MEhrn00 / boflink

  View on GitHub
  Linker for Beacon Object Files
  ☆160Feb 22, 2026Updated 3 weeks ago
• praetorian-inc / Matryoshka

  View on GitHub
  Matryoshka loader is a tool that red team operators can leverage to generate shellcode for Microsoft Office document phishing payloads.
  ☆43May 24, 2021Updated 4 years ago
• andreisss / Ghosting-AMSI

  View on GitHub
  Ghosting-AMSI
  ☆226Apr 24, 2025Updated 10 months ago
• MultSec / MultCheck

  View on GitHub
  Identifies bad bytes from static analysis with any Anti-Virus scanner.
  ☆129Jul 5, 2024Updated last year
• jdu2600 / EtwTi-FluctuationMonitor

  View on GitHub
  Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections
  ☆170May 17, 2023Updated 2 years ago
• 0xJs / EnumEDRs

  View on GitHub
  Enumerate active EDR's on the system
  ☆152Sep 23, 2025Updated 5 months ago
• hasherezade / waiting_thread_hijacking

  View on GitHub
  Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread
  ☆264Aug 31, 2025Updated 6 months ago
• paskalian / WID_LoadLibrary

  View on GitHub
  Reverse engineering winapi function loadlibrary.
  ☆238Apr 17, 2023Updated 2 years ago
• 0xTriboulet / rssh-rs

  View on GitHub
  ☆55May 31, 2025Updated 9 months ago
• nyxgeek / frontdoor_waf_wtf

  View on GitHub
  Script to check Azure Front Door WAF for insecure RemoteAddr variable
  ☆27Jul 11, 2025Updated 8 months ago
• RootUp / SmuggleShield

  View on GitHub
  Protection against HTML smuggling attacks.
  ☆101Jul 10, 2025Updated 8 months ago