Alternatives and similar repositories for SharpFtpC2:

Users that are interested in SharpFtpC2 are comparing it to the libraries listed below

• dmcxblue / SharpBlackout
  Terminate AV/EDR leveraging BYOVD attack
  ☆80Updated last year
• foxlox / hypobrychium
  Duplicate not owned Token from Running Process
  ☆72Updated last year
• LuemmelSec / ntlmrelayx.py_to_exe
  ☆79Updated last year
• sfewer-r7 / CVE-2023-27532
  Exploit for CVE-2023-27532 against Veeam Backup & Replication
  ☆108Updated last year
• rasta-mouse / SCMUACBypass
  ☆96Updated last year
• susMdT / SharpAgent
  C# havoc implant
  ☆98Updated 2 years ago
• werdhaihai / SharpAltShellCodeExec
  Alternative Shellcode Execution Via Callbacks in C# with P/Invoke
  ☆76Updated 2 years ago
• 0xsp-SRD / 0xsp.com
  a variety of tools,scripts and techniques developed and shared with different programming languages by 0xsp Lab
  ☆62Updated 2 months ago
• WKL-Sec / Winsocky
  Winsocket for Cobalt Strike.
  ☆97Updated last year
• LuxNoBulIshit / Smug_Fu3k
  ☆51Updated 2 years ago
• kymb0 / Stealth_shellcode_runners
  ☆55Updated 11 months ago
• Octoberfest7 / Cohab_Processes
  A small Aggressor script to help Red Teams identify foreign processes on a host machine
  ☆84Updated 2 years ago
• REDMED-X / InjectKit
  Modified versions of the Cobalt Strike Process Injection Kit
  ☆93Updated last year
• duck-sec / CVE-2023-28252-Compiled-exe
  A modification to fortra's CVE-2023-28252 exploit, compiled to exe
  ☆53Updated last year
• LudovicPatho / CVE-2022-26923_AD-Certificate-Services
  The vulnerability allowed a low-privileged user to escalate privileges to domain administrator in a default Active Directory environment …
  ☆44Updated 2 years ago
• tehstoni / tryharder
  C++ Staged Shellcode Loader with Evasion capabilities.
  ☆82Updated 5 months ago
• ewby / Mockingjay_BOF
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆149Updated last year
• dmcxblue / SharpGhostTask
  A C# port from Invoke-GhostTask
  ☆112Updated last year
• magnusstubman / tokenduplicator
  Tool to start processes as SYSTEM using token duplication
  ☆38Updated 4 years ago
• Hagrid29 / DumpAADSyncCreds
  C# implementation of Get-AADIntSyncCredentials from AADInternals, which extracts Azure AD Connect credentials to AD and Azure AD from AAD…
  ☆39Updated last year
• wh0amitz / SharpRODC
  To audit the security of read-only domain controllers
  ☆114Updated last year
• eversinc33 / SharpStartWebclient
  Programmatically start WebClient from an unprivileged session to enable that juicy privesc.
  ☆74Updated 2 years ago
• ScriptIdiot / sleepmask_PatchlessHook
  Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW
  ☆83Updated 2 years ago
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆86Updated 2 years ago
• NotMedic / Invoke-Nanodump
  HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection
  ☆54Updated 3 years ago
• xiosec / Terminator
  PowerShell script to terminate protected processes such as anti-malware and EDRs.
  ☆26Updated last year
• CodeXTF2 / PyHmmm
  Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …
  ☆80Updated last year
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆54Updated 7 months ago
• Wh04m1001 / DiagTrackEoP
  ☆88Updated 2 years ago
• knight0x07 / PoC-Malware-TTPs
  PoC-Malware-TTPs
  ☆49Updated last year