Alternatives and similar repositories for Havoc-C2-RCE-2024

Users that are interested in Havoc-C2-RCE-2024 are comparing it to the libraries listed below

• watchtowrlabs / watchTowr-vs-progress-moveit_CVE-2024-5806
  Exploit for the CVE-2024-5806
  ☆45Updated last year
• DevBuiHieu / CVE-2025-33053-Proof-Of-Concept
  CVE-2025-33053 Proof Of Concept (PoC)
  ☆52Updated 3 weeks ago
• EvilBytecode / Ebyte-AMSI-ProxyInjector
  A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…
  ☆41Updated last month
• hackerhouse-opensource / telnetclientpoc
  Microsoft Telnet Client MS-TNAP Server-Side Authentication Token Exploit
  ☆54Updated 2 months ago
• MWR-CyberSec / AD-CS-Forest-Exploiter
  Exploit AD CS misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise
  ☆96Updated last year
• Leo4j / PPLKiller
  Tool to bypass LSA Protection (aka Protected Process Light)
  ☆54Updated 6 months ago
• v1k1ngfr / fuegoshell
  Fuegoshell is a powershell oneliner generator for Windows remote shell re-using TCP 445
  ☆53Updated last year
• MatheuZSecurity / RingReaper
  Linux post-exploitation agent that uses io_uring to stealthily bypass EDR detection by avoiding traditional syscalls.
  ☆73Updated this week
• watchtowrlabs / CVE-2024-50623
  Cleo Unrestricted file upload and download PoC (CVE-2024-50623)
  ☆23Updated 7 months ago
• absholi7ly / CVE-2025-0282-Ivanti-exploit
  CVE-2025-0282 is a critical vulnerability found in Ivanti Connect Secure, allowing Remote Command Execution (RCE) through a buffer overfl…
  ☆47Updated 6 months ago
• WKL-Sec / Winsocky
  Winsocket for Cobalt Strike.
  ☆99Updated 2 years ago
• CultCornholio / RedTeamTP
  ☆68Updated last month
• duck-sec / CVE-2023-28252-Compiled-exe
  A modification to fortra's CVE-2023-28252 exploit, compiled to exe
  ☆54Updated last year
• almounah / GoDroplets
  Go Shellcode Loader to be Integrated in Exploration C2
  ☆27Updated 5 months ago
• weaselsec / GodPotato-Aggressor-Script
  ☆88Updated last year
• wh0amitz / SharpRODC
  To audit the security of read-only domain controllers
  ☆117Updated last year
• Maldev-Academy / HookingLsassForCredentials
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆49Updated 2 months ago
• CICADA8-Research / LogHunter
  Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)
  ☆71Updated last year
• realstatus / CVE-2024-40711-Exp
  CVE-2024-40711-exp
  ☆42Updated 8 months ago
• Maldev-Academy / Alphabetfuscation
  Convert your shellcode into an ASCII string
  ☆94Updated 2 weeks ago
• sfewer-r7 / CVE-2023-27532
  Exploit for CVE-2023-27532 against Veeam Backup & Replication
  ☆111Updated 2 years ago
• jojonas / SharpSAMDump
  SAM Dumping in C#
  ☆49Updated 5 months ago
• Leo4j / PowerDACL
  A tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs)
  ☆56Updated this week
• ASP4RUX / bypassEDR-AV
  ☆57Updated 8 months ago
• cybersectroll / SharpPersistSD
  ☆90Updated last year
• DarkSpaceSecurity / SSH-Stealer
  Smart keylogging capability to steal SSH Credentials including password & Private Key
  ☆138Updated 3 months ago
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆59Updated 10 months ago
• 0xthirteen / reg_snake
  Python tool to interact with WMI StdRegProv
  ☆60Updated 7 months ago
• Kryp7os / SharpRBCD
  An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD
  ☆47Updated 4 months ago
• iamagarre / BadExclusionsNWBO
  BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR
  ☆76Updated last year