Alternatives and similar repositories for blogposts:

Users that are interested in blogposts are comparing it to the libraries listed below

• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆86Updated 2 years ago
• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆62Updated 2 years ago
• aaaddress1 / xlsGen
  (PoC) Tiny Excel BIFF8 Generator, to Embedded 4.0 Macros in xls files without Excel.
  ☆42Updated 3 years ago
• RiccardoAncarani / talks
  ☆42Updated 2 years ago
• ZeroPointSecurity / Domain-Enumeration-Tool
  Perform Windows domain enumeration via LDAP
  ☆36Updated 2 years ago
• tothi / SharpStay
  .NET project for installing Persistence
  ☆64Updated 3 years ago
• magisterquis / shelloverreversessh
  A little implant which SSH's back with a shell
  ☆36Updated 3 years ago
• RedTeamOperations / Detecting-Adversarial-Tradecrafts-Tools-by-leveraging-ETW
  CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"
  ☆48Updated 3 years ago
• N4kedTurtle / LocalDllParse
  ☆55Updated 3 years ago
• dtrizna / DotNetInject
  Code samples of .NET shellcode injections, weaponized for use via WebDav and mshta.exe.
  ☆37Updated 5 years ago
• Octoberfest7 / Proxy_Egress_Persistence
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆32Updated 2 years ago
• Pascal-0x90 / sideloadr
  Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).
  ☆55Updated 2 years ago
• codewhitesec / SysmonEnte
  ☆72Updated 2 years ago
• improsec / CaddyStager
  ☆37Updated 2 years ago
• pgormanDS / hash_spider
  A module for CME that spiders across a domain.
  ☆35Updated 2 years ago
• tuian / subTee-gits-backups
  subTee gists code backups
  ☆37Updated 7 years ago
• xforcered / xPipe
  Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions
  ☆54Updated 3 years ago
• EspressoCake / Cobalt_Strike_Ansible
  A project to replicate the functionality of Noah Powers' ServerSetup script, but with error handling and fixed Namecheap API support.
  ☆34Updated 3 years ago
• joeminicucci / RedIra
  A cloud automation system for Red Teams based on Terraform and Ansible
  ☆24Updated 3 years ago
• jsecurity101 / LDAPMon
  ☆45Updated last year
• EspressoCake / Firewall_Walker_BOF
  A BOF to interact with COM objects associated with the Windows software firewall.
  ☆102Updated 3 years ago
• ScriptIdiot / SysmonQuiet
  RDLL for Cobalt Strike beacon to silence sysmon process
  ☆87Updated 2 years ago
• EspressoCake / HandleKatz_BOF
  A BOF port of the research of @thefLinkk and @codewhitesec
  ☆96Updated 3 years ago
• jfmaes / DeepSleep
  all credits go to @mgeeky
  ☆64Updated 3 years ago
• RiccardoAncarani / TaskShell
  ☆56Updated 4 years ago
• mitchmoser / AtYourService
  Service Enumeration C# .NET Assembly
  ☆58Updated 3 years ago
• matterpreter / FindETWProviderImage
  Quickly search for references to a GUID in DLLs, EXEs, and drivers
  ☆73Updated 3 years ago
• 0xthirteen / CleanRunMRU
  Get or remove RunMRU values
  ☆54Updated 5 years ago
• jfmaes / Emulation-Workshop
  The repository accompanying the Buer Emulation workshop
  ☆24Updated 3 years ago
• OtterHacker / LabS4U2Self
  ☆30Updated 2 years ago