Alternatives and similar repositories for thanatos

Users that are interested in thanatos are comparing it to the libraries listed below

• janoglezcampos / rust_syscalls

  View on GitHub
  Single stub direct and indirect syscalling with runtime SSN resolving for windows.
  ☆230Mar 23, 2023Updated 2 years ago
• MythicAgents / Athena

  View on GitHub
  ☆216Nov 6, 2025Updated 3 months ago
• outflanknl / C2-Tool-Collection

  View on GitHub
  A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…
  ☆1,364Oct 27, 2023Updated 2 years ago
• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,004Jun 4, 2024Updated last year
• memN0ps / venom-rs

  View on GitHub
  Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)
  ☆360Mar 2, 2024Updated last year
• Cracked5pider / KaynLdr

  View on GitHub
  KaynLdr is a Reflective Loader written in C/ASM
  ☆555Dec 3, 2023Updated 2 years ago
• trustedsec / CS-Remote-OPs-BOF

  View on GitHub
  ☆1,117Jan 6, 2026Updated last month
• yamakadi / clroxide

  View on GitHub
  A rust library that allows you to host the CLR and execute dotnet binaries.
  ☆235Mar 12, 2025Updated 11 months ago
• frkngksl / NiCOFF

  View on GitHub
  COFF and BOF Loader written in Nim
  ☆176Aug 1, 2022Updated 3 years ago
• chvancooten / NimPlant

  View on GitHub
  A light-weight first-stage C2 implant written in Nim (and Rust).
  ☆933Mar 28, 2025Updated 10 months ago
• boku7 / BokuLoader

  View on GitHub
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆1,398Nov 22, 2023Updated 2 years ago
• MythicAgents / Apollo

  View on GitHub
  A .NET Framework 4.0 Windows Agent
  ☆526Feb 2, 2026Updated last week
• spellshift / realm

  View on GitHub
  Realm is a cross platform Red Team engagement platform with a focus on automation and reliability.
  ☆592Feb 9, 2026Updated last week
• trickster0 / NamelessC2

  View on GitHub
  Nameless C2 - A C2 with all its components written in Rust
  ☆282Sep 26, 2024Updated last year
• CCob / SharpBlock

  View on GitHub
  A method of bypassing EDR's active projection DLL's by preventing entry point exection
  ☆1,164Mar 31, 2021Updated 4 years ago
• pwn1sher / frostbyte

  View on GitHub
  FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads
  ☆386Apr 16, 2022Updated 3 years ago
• SolomonSklash / SleepyCrypt

  View on GitHub
  A shellcode function to encrypt a running process image when sleeping.
  ☆340Sep 11, 2021Updated 4 years ago
• yamakadi / ldr

  View on GitHub
  A work in progress BOF/COFF loader in Rust
  ☆50Mar 22, 2023Updated 2 years ago
• b23r0 / Heroinn

  View on GitHub
  A cross platform C2/post-exploitation framework.
  ☆706Oct 8, 2022Updated 3 years ago
• kyleavery / inject-assembly

  View on GitHub
  Inject .NET assemblies into an existing process
  ☆508Jan 19, 2022Updated 4 years ago
• b1tg / cobaltstrike-beacon-rust

  View on GitHub
  CobaltStrike beacon in rust
  ☆208Aug 10, 2024Updated last year
• Yaxser / COFFLoader2

  View on GitHub
  Load and execute COFF files and Cobalt Strike BOFs in-memory
  ☆226Sep 13, 2022Updated 3 years ago
• Cracked5pider / Stardust

  View on GitHub
  A modern 32/64-bit position independent implant template
  ☆1,294Mar 21, 2025Updated 10 months ago
• hakaioffsec / coffee

  View on GitHub
  A COFF loader made in Rust
  ☆327Aug 20, 2025Updated 5 months ago
• xuanxuan0 / DripLoader

  View on GitHub
  Evasive shellcode loader for bypassing event-based injection detection (PoC)
  ☆822Aug 23, 2021Updated 4 years ago
• Cracked5pider / Ekko

  View on GitHub
  Sleep Obfuscation
  ☆814Dec 3, 2023Updated 2 years ago
• Kudaes / Split

  View on GitHub
  Apply a divide and conquer approach to bypass EDRs
  ☆287Oct 19, 2023Updated 2 years ago
• postrequest / link

  View on GitHub
  link is a command and control framework written in rust
  ☆581Aug 18, 2021Updated 4 years ago
• klezVirus / SysWhispers3

  View on GitHub
  SysWhispers on Steroids - AV/EDR evasion via direct system calls.
  ☆1,585Jul 31, 2024Updated last year
• N4kedTurtle / PersistBOF

  View on GitHub
  A BOF to automate common persistence tasks for red teamers
  ☆293Mar 7, 2023Updated 2 years ago
• enkomio / AlanFramework

  View on GitHub
  A C2 post-exploitation framework
  ☆483Jan 24, 2024Updated 2 years ago
• chvancooten / NimPackt-v1

  View on GitHub
  Nim-based assembly packer and shellcode loader for opsec & profit
  ☆488Feb 24, 2023Updated 2 years ago
• CCob / ThreadlessInject

  View on GitHub
  Threadless Process Injection using remote function hooking.
  ☆808Sep 4, 2024Updated last year
• mgeeky / RedWarden

  View on GitHub
  Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation
  ☆992Oct 7, 2022Updated 3 years ago
• RedSiege / EDD

  View on GitHub
  Enumerate Domain Data
  ☆335Sep 13, 2023Updated 2 years ago
• deepinstinct / Dirty-Vanity

  View on GitHub
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆675Dec 23, 2022Updated 3 years ago
• wumb0 / rust_bof

  View on GitHub
  Cobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc.
  ☆282Feb 8, 2024Updated 2 years ago
• NoahKirchner / speedloader

  View on GitHub
  Rust template/library for implementing your own COFF loader
  ☆71Jan 27, 2025Updated last year
• FuzzySecurity / StandIn

  View on GitHub
  StandIn is a small .NET35/45 AD post-exploitation toolkit
  ☆830Dec 2, 2023Updated 2 years ago