Alternatives and similar repositories for cobaltstrike-aggressor-scripts

Users that are interested in cobaltstrike-aggressor-scripts are comparing it to the libraries listed below

• improsec / BackupOperatorToolkit
  The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin
  ☆176Updated 2 years ago
• login-securite / conpass
  Continuous password spraying tool
  ☆189Updated 3 months ago
• oh-az / NoArgs
  NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…
  ☆153Updated last year
• Offensive-Panda / LsassReflectDumping
  This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…
  ☆201Updated 8 months ago
• mertdas / SharpLateral
  Lateral Movement
  ☆124Updated last year
• cybersectroll / TrollAMSI
  ☆178Updated last week
• dievus / PowerShellRunner
  PowerShell runner for executing malicious payloads in order to bypass Windows Defender.
  ☆73Updated 3 years ago
• Primusinterp / PrimusC2
  A C2 framework built for my bachelors thesis
  ☆55Updated 7 months ago
• ad0nis / ntlm_relay_gat
  ☆159Updated last year
• Tylous / Freeze
  Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
  ☆116Updated 2 years ago
• Ghost53574 / havoc_profile_generator
  Havoc C2 profile generator
  ☆90Updated 8 months ago
• SaadAhla / GithubC2
  Github as C2 Demonstration , free API = free C2 Infrastructure
  ☆140Updated last year
• WKL-Sec / GregsBestFriend
  GregsBestFriend process injection code created from the White Knight Labs Offensive Development course
  ☆193Updated 2 years ago
• ZERODETECTION / MSC_Dropper
  ☆177Updated 10 months ago
• Leo4j / Invoke-SMBRemoting
  Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement
  ☆173Updated last month
• Flangvik / ObfuscatedSharpCollection
  Attempt at Obfuscated version of SharpCollection
  ☆216Updated last month
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆92Updated last month
• powerseb / PowerExtract
  ☆118Updated 2 months ago
• BC-SECURITY / ScriptBlock-Smuggling
  Example code samples from our ScriptBlock Smuggling Blog post
  ☆91Updated last year
• dadevel / mssql-spider
  Automated exploitation of MSSQL servers at scale
  ☆108Updated last week
• BlackShell256 / Null-AMSI
  Null-AMSI is an AMSI and ETW bypass that takes advantage of .NET types (.NET Reflection) to bypassing AV/EDR.
  ☆67Updated 3 weeks ago
• x4sh3s / AMSI_Lines
  Bypass AMSI By Dividing files into multiple smaller files
  ☆45Updated 2 years ago
• som3canadian / Cloudflare-Redirector
  Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.
  ☆167Updated 3 months ago
• HuskyHacks / SharpTokenFinder
  C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
  ☆139Updated 11 months ago
• amauricio / junkshell
  ☆70Updated 3 months ago
• CyberSecurityUP / Awesome-EDR-Evasion
  ☆84Updated 4 months ago
• TunnelGRE / Percino
  Evasive Golang Loader
  ☆131Updated 10 months ago
• cisagov / snafflepy
  Snaffler reimplementation in Python - https://github.com/SnaffCon/Snaffler
  ☆102Updated 7 months ago
• Laokoon-SecurITy / Cortex-XDR-Config-Extractor
  Cortex XDR Config Extractor
  ☆132Updated 2 years ago
• mandiant / ccmpwn
  ☆206Updated last year