Alternatives and similar repositories for Havoc-C2-RCE-2024

Users that are interested in Havoc-C2-RCE-2024 are comparing it to the libraries listed below

• MWR-CyberSec / AD-CS-Forest-Exploiter
  Exploit AD CS misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise
  ☆101Updated last year
• watchtowrlabs / CVE-2024-50623
  Cleo Unrestricted file upload and download PoC (CVE-2024-50623)
  ☆24Updated 10 months ago
• weaselsec / GodPotato-Aggressor-Script
  ☆89Updated last year
• Leo4j / PPLKiller
  Tool to bypass LSA Protection (aka Protected Process Light)
  ☆60Updated 9 months ago
• CultCornholio / RedTeamTP
  ☆83Updated 5 months ago
• jiansiting / CVE-2025-59287
  WSUS Unauthenticated RCE
  ☆55Updated last week
• Kryp7os / SharpRBCD
  An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD
  ☆48Updated 7 months ago
• 123ojp / GREtunnel-scanner
  This is a GRE PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion
  ☆87Updated 2 months ago
• WKL-Sec / Winsocky
  Winsocket for Cobalt Strike.
  ☆100Updated 2 years ago
• watchtowrlabs / watchTowr-vs-progress-moveit_CVE-2024-5806
  Exploit for the CVE-2024-5806
  ☆45Updated last year
• jfjallid / go-lsass
  Tool to aid in dumping LSASS process remotely
  ☆41Updated last month
• hackerhouse-opensource / telnetclientpoc
  Microsoft Telnet Client MS-TNAP Server-Side Authentication Token Exploit
  ☆59Updated 5 months ago
• absholi7ly / CVE-2025-0282-Ivanti-exploit
  CVE-2025-0282 is a critical vulnerability found in Ivanti Connect Secure, allowing Remote Command Execution (RCE) through a buffer overfl…
  ☆48Updated 9 months ago
• ASP4RUX / bypassEDR-AV
  ☆59Updated 11 months ago
• DevBuiHieu / CVE-2025-33053-Proof-Of-Concept
  CVE-2025-33053 Proof Of Concept (PoC)
  ☆60Updated 4 months ago
• wh0amitz / SharpRODC
  To audit the security of read-only domain controllers
  ☆117Updated last year
• cybersectroll / SharpPersistSD
  ☆91Updated last year
• Leo4j / PowerDACL
  A tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs)
  ☆60Updated 3 months ago
• decoder-it / DFSCoerce-exe-2
  DFSCoerce exe revisited version with custom authentication
  ☆40Updated last year
• CICADA8-Research / LogHunter
  Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)
  ☆75Updated last year
• Leo4j / SessionExec
  Execute commands in other Sessions
  ☆89Updated last year
• foxlox / hypobrychium
  Duplicate not owned Token from Running Process
  ☆72Updated 2 years ago
• PhrozenIO / SharpFtpC2
  A Streamlined FTP-Driven Command and Control Conduit for Interconnecting Remote Systems.
  ☆86Updated last year
• kn0x0x / CVE-2025-32756-POC
  Proof of Concept for CVE-2025-32756 - A critical stack-based buffer overflow vulnerability affecting multiple Fortinet products.
  ☆100Updated 4 months ago
• DarkSpaceSecurity / SSH-Stealer
  Smart keylogging capability to steal SSH Credentials including password & Private Key
  ☆145Updated 7 months ago
• mlcsec / proctools
  Small toolkit for extracting information and dumping sensitive strings from Windows processes
  ☆115Updated last year
• duck-sec / CVE-2023-28252-Compiled-exe
  A modification to fortra's CVE-2023-28252 exploit, compiled to exe
  ☆53Updated last year
• HulkOperator / AuthStager
  ☆58Updated last year
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆35Updated 2 years ago
• nopbrick / SeeProxy
  Golang reverse proxy with CobaltStrike malleable profile validation.
  ☆110Updated 2 years ago