Alternatives and similar repositories for Havoc-C2-RCE-2024

Users that are interested in Havoc-C2-RCE-2024 are comparing it to the libraries listed below

• EvilBytecode / Ebyte-AMSI-ProxyInjector

  View on GitHub
  A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…
  ☆62May 16, 2025Updated 8 months ago
• 123ojp / VxLAN-Scanner

  View on GitHub
  This is a VxLAN PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion
  ☆28Jul 21, 2025Updated 6 months ago
• EvilWhales / ShadowDropper

  View on GitHub
  ShadowDropper is a utility for covertly delivering and executing payloads on a target system.
  ☆26Jul 4, 2025Updated 7 months ago
• ANYLNK / NSecSoftBYOVD

  View on GitHub
  NSecSoftBYOVD POC
  ☆54Sep 14, 2025Updated 4 months ago
• vmsplit / nebula

  View on GitHub
  arm64 linux position-independent shellcode framework
  ☆29Dec 12, 2025Updated 2 months ago
• kanadeblisst00 / read_wechat_contacts

  View on GitHub
  读取微信联系人列表，版本（3.9.12.51）
  ☆13Mar 22, 2025Updated 10 months ago
• OtterHacker / AWSRoundRobin

  View on GitHub
  ☆41Feb 20, 2025Updated 11 months ago
• aleemladha / SANS-Workshop-Lab

  View on GitHub
  SANS Workshop: Active Directory Privilege Escalation with Empire!
  ☆35Nov 12, 2025Updated 3 months ago
• rxOred / process-hollowing

  View on GitHub
  process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread
  ☆31Jan 9, 2022Updated 4 years ago
• win3zz / CVE-2017-5638

  View on GitHub
  Apache Struts 2.3.5 < 2.3.31 / 2.5 < 2.5.10 - Remote Code Execution - Shell Script
  ☆16May 13, 2018Updated 7 years ago
• jarnovandenbrink / getSPNless

  View on GitHub
  Python tool to automatically perform SPN-less RBCD attacks.
  ☆116Jan 7, 2026Updated last month
• Adaptix-Framework / templates-extender

  View on GitHub
  Templates for developing your own listeners and agents for AdaptixC2.
  ☆44Feb 3, 2026Updated last week
• Immersive-Labs-Sec / HavocC2-Forensics

  View on GitHub
  A set of tools and resources for analysis of Havoc C2
  ☆26Feb 27, 2024Updated last year
• xct / adopt

  View on GitHub
  Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.
  ☆20Jul 8, 2022Updated 3 years ago
• wangsz05 / LearnDemo

  View on GitHub
  ☆16Oct 30, 2022Updated 3 years ago
• MaorSabag / impacket-jump

  View on GitHub
  Remote service-staging tool built on Impacket, designed for BOF-style lateral movement workflows that lets you upload custom service load…
  ☆119Dec 7, 2025Updated 2 months ago
• Shrfnt77 / AmsiBypass

  View on GitHub
  Bypassing Amsi using LdrLoadDll
  ☆47Jan 8, 2025Updated last year
• EvilWhales / nightshade

  View on GitHub
  ☆36Jul 1, 2025Updated 7 months ago
• DeDf / ParseNTFS

  View on GitHub
  ☆20Nov 8, 2020Updated 5 years ago
• LuemmelSec / P4wnP1_aloa

  View on GitHub
  P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming…
  ☆33Jul 5, 2025Updated 7 months ago
• Aur3ns / LsassStealer

  View on GitHub
  Morpheus is an lsass stealer that extracts lsass.exe in RAM and exfiltrates it via forged and crypted NTP packets. For authorized testin…
  ☆149Jun 19, 2025Updated 7 months ago
• tijme / kong-loader

  View on GitHub
  Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…
  ☆63Apr 2, 2025Updated 10 months ago
• gaudard / scripts

  View on GitHub
  ☆18Feb 15, 2020Updated 5 years ago
• 0xTriboulet / rssh-rs

  View on GitHub
  ☆55May 31, 2025Updated 8 months ago
• OffsecDeer / TargetedTimeroast

  View on GitHub
  Tamper Active Directory user attributes to collect their hashes with MS-SNTP
  ☆61Jan 21, 2025Updated last year
• garrettfoster13 / mssqlkaren

  View on GitHub
  modified mssqlclient from impacket to extract policies from the SCCM database
  ☆42Nov 4, 2025Updated 3 months ago
• synacktiv / sccmsqlclient

  View on GitHub
  ☆26Aug 5, 2025Updated 6 months ago
• Leo4j / Invoke-ShareHunter

  View on GitHub
  Enumerate the Domain for Readable and Writable Shares
  ☆23Nov 14, 2025Updated 2 months ago
• cocomelonc / 2022-04-02-malware-injection-18

  View on GitHub
  Find kernel32 base and API addresses. Simple C++ implementation
  ☆24Apr 7, 2022Updated 3 years ago
• DevBuiHieu / CVE-2025-33053-Proof-Of-Concept

  View on GitHub
  CVE-2025-33053 Proof Of Concept (PoC)
  ☆64Jun 17, 2025Updated 7 months ago
• HulkOperator / AuthStager

  View on GitHub
  ☆59Oct 24, 2024Updated last year
• michaelb / simple-user-simulation

  View on GitHub
  powershell script to simulate activity by a user
  ☆22Jul 29, 2020Updated 5 years ago
• Offensive-Panda / D3MPSEC

  View on GitHub
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆28Sep 18, 2024Updated last year
• cocomelonc / 2022-07-21-malware-tricks-22

  View on GitHub
  Run payload like a Lazarus Group (UuidFromStringA). C++ implementation
  ☆20Jul 24, 2022Updated 3 years ago
• DarkSpaceSecurity / SSH-Stealer

  View on GitHub
  Smart keylogging capability to steal SSH Credentials including password & Private Key
  ☆151Mar 26, 2025Updated 10 months ago
• LuemmelSec / AD-Ghost

  View on GitHub
  ☆55Nov 18, 2025Updated 2 months ago
• yinsel / CVE-2024-35250-BOF

  View on GitHub
  CVE-2024-35250 的 Beacon Object File (BOF) 实现。
  ☆24Nov 28, 2024Updated last year
• tijme / nimplant-beacon-position-independent-c-code

  View on GitHub
  A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.
  ☆66Feb 11, 2025Updated last year
• 0xv1n / proc-suspend

  View on GitHub
  powershell script i wrote that can suspend an arbitrary process (with limits)
  ☆22Mar 26, 2023Updated 2 years ago