Alternatives and similar repositories for Havoc-C2-RCE-2024

Users that are interested in Havoc-C2-RCE-2024 are comparing it to the libraries listed below

• hackerhouse-opensource / telnetclientpoc
  Microsoft Telnet Client MS-TNAP Server-Side Authentication Token Exploit
  ☆62Updated 7 months ago
• MWR-CyberSec / AD-CS-Forest-Exploiter
  Exploit AD CS misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise
  ☆101Updated 2 years ago
• 123ojp / GREtunnel-scanner
  This is a GRE PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion
  ☆90Updated 3 months ago
• Leo4j / PowerDACL
  A tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs)
  ☆61Updated 5 months ago
• absholi7ly / CVE-2025-0282-Ivanti-exploit
  CVE-2025-0282 is a critical vulnerability found in Ivanti Connect Secure, allowing Remote Command Execution (RCE) through a buffer overfl…
  ☆51Updated 10 months ago
• watchtowrlabs / CVE-2024-50623
  Cleo Unrestricted file upload and download PoC (CVE-2024-50623)
  ☆24Updated last year
• ASP4RUX / bypassEDR-AV
  ☆59Updated last year
• jfjallid / go-lsass
  Tool to aid in dumping LSASS process remotely
  ☆41Updated 2 months ago
• deriv-security / MeetC2
  (MeetC2 a.k.a Meeting C2) - A framework abusing Google Calendar APIs.
  ☆124Updated 3 months ago
• Network-Sec / CVE-2025-21420-PoC
  We found a way to DLL sideload with cleanmgr.exe
  ☆95Updated 9 months ago
• CultCornholio / RedTeamTP
  ☆86Updated 6 months ago
• ricardojoserf / SAMDump
  Extract SAM and SYSTEM using Volume Shadow Copy (VSS) API. With multiple exfiltration options and XOR obfuscation
  ☆201Updated 3 weeks ago
• watchtowrlabs / watchTowr-vs-progress-moveit_CVE-2024-5806
  Exploit for the CVE-2024-5806
  ☆45Updated last year
• CICADA8-Research / LogHunter
  Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)
  ☆76Updated last year
• ACE-Responder / Empire-C2-RCE-PoC
  RCE PoC for Empire C2 framework <5.9.3
  ☆27Updated last year
• 0xthirteen / reg_snake
  Python tool to interact with WMI StdRegProv
  ☆59Updated last year
• 0xjessie21 / CVE-2025-24016
  CVE-2025-24016: Wazuh Unsafe Deserialization Remote Code Execution (RCE)
  ☆41Updated 9 months ago
• Kryp7os / SharpRBCD
  An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD
  ☆49Updated 9 months ago
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆35Updated 2 years ago
• HulkOperator / AuthStager
  ☆59Updated last year
• SaadAhla / IP-Hunter
  Hunt for C2 servers and phishing web sites using VirusTotal API , you can modify code to kill the malicious process
  ☆72Updated last year
• jojonas / SharpSAMDump
  SAM Dumping in C#
  ☆53Updated last week
• duck-sec / CVE-2023-28252-Compiled-exe
  A modification to fortra's CVE-2023-28252 exploit, compiled to exe
  ☆54Updated last year
• foxlox / hypobrychium
  Duplicate not owned Token from Running Process
  ☆73Updated 2 years ago
• decoder-it / DFSCoerce-exe-2
  DFSCoerce exe revisited version with custom authentication
  ☆41Updated last year
• cogiceo / DACLSearch
  Exhaustive search and flexible filtering of Active Directory ACEs.
  ☆65Updated last month
• Leo4j / PPLKiller
  Tool to bypass LSA Protection (aka Protected Process Light)
  ☆62Updated 11 months ago
• EQSTLab / CVE-2024-46538
  PfSense Stored XSS lead to Arbitrary Code Execution exploit
  ☆49Updated 10 months ago
• fin3ss3g0d / NativeThreadpool
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆88Updated last year
• DevBuiHieu / CVE-2025-33053-Proof-Of-Concept
  CVE-2025-33053 Proof Of Concept (PoC)
  ☆61Updated 5 months ago