Alternatives and similar repositories for Windows-Exploitation

Users that are interested in Windows-Exploitation are comparing it to the libraries listed below

• Primusinterp / PrimusC2
  A C2 framework built for my bachelors thesis
  ☆56Updated last week
• ASP4RUX / bypassEDR-AV
  ☆59Updated last year
• susMdT / SharpAgent
  C# havoc implant
  ☆101Updated 2 years ago
• matro7sh / matro7sh_loaders
  this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)
  ☆83Updated last year
• 0xAbdullah / Offensive-Snippets
  A repository with my code snippets for research/education purposes.
  ☆52Updated 2 years ago
• x4sh3s / AMSI_Lines
  Bypass AMSI By Dividing files into multiple smaller files
  ☆46Updated 3 years ago
• lefayjey / SharpSQLPwn
  C# tool to identify and exploit weaknesses within MSSQL instances in Active Directory environments
  ☆113Updated 3 years ago
• dievus / PowerShellRunner
  PowerShell runner for executing malicious payloads in order to bypass Windows Defender.
  ☆72Updated 4 years ago
• Leo4j / ShellGen
  PowerShell script to generate ShellCode in various formats
  ☆46Updated last year
• 0xEr3bus / ShadowForgeC2
  ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.
  ☆51Updated 2 years ago
• 0xNinjaCyclone / PowerLoad3r
  Malicious powershell scripts loader designed to avoid detection.
  ☆59Updated 2 years ago
• 0xHossam / APT-Attack-Simulation
  APT-Attack-Simulation simulates APT 29 and Lockbit TTPs, showcasing phishing, ISO execution, and DLL proxying for persistence and privile…
  ☆62Updated last year
• smokeme / ansible-havoc
  Scripts I use to deploy Havoc on Linode and setup categorization and SSL
  ☆42Updated last year
• smokeme / PDFator
  ☆27Updated 2 years ago
• foxlox / hypobrychium
  Duplicate not owned Token from Running Process
  ☆73Updated 2 years ago
• 808ale / NetRunners
  Reflective shellcode runners using obfuscated Win32 APIs in C# and C++ (GetProcAddress & GetModuleHandle). For penetration testing.
  ☆14Updated 4 months ago
• Peco602 / cobaltstrike-aggressor-scripts
  A collection of Cobalt Strike Aggressor scripts.
  ☆105Updated 3 years ago
• p4p1 / havoc-bloodhound
  A GUI wrapper inside of Havoc to interact with bloodhound CE
  ☆71Updated last year
• k4sth4 / Juicy-Potato
  Windows Privilege Escalation
  ☆69Updated 3 years ago
• pracsec / AmsiScanner
  A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.
  ☆67Updated 2 years ago
• rootshooter / osep-code-dump-2022
  Code dump from PEN-300/OSEP updated 2022
  ☆42Updated 3 years ago
• georgesotiriadis / MalwareDev
  ☆84Updated 3 years ago
• duck-sec / CVE-2023-28252-Compiled-exe
  A modification to fortra's CVE-2023-28252 exploit, compiled to exe
  ☆54Updated last year
• aress31 / clm-rout
  A C# program featuring an all-in-one bypass for CLM, AppLocker and AMSI using Runspace.
  ☆21Updated 3 years ago
• dmcxblue / Red-Team-Guide
  A small red team course
  ☆40Updated 2 years ago
• CultCornholio / RedTeamTP
  ☆86Updated 7 months ago
• dmcxblue / calc_poc
  A repository holding Proof of Concepts for executing the calculator application via different file formats
  ☆42Updated last year
• DamonMohammadbagher / NativePayload_PE1
  NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R…
  ☆59Updated 2 years ago
• lleon1435 / BypassAV
  This map lists the essential techniques to bypass anti-virus and EDR
  ☆15Updated 2 years ago
• nocerainfosec / TakeMyRDP2.0
  An updated version of keystroke logger targeting the Remote Desktop Protocol (RDP) related processes, It utilizes a low-level keyboard in…
  ☆105Updated 2 years ago