RWXstoned/GimmeShelter external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

RWXstoned/GimmeShelter

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/RWXstoned/GimmeShelter)

Close

RWXstoned / GimmeShelterView on GitHubMore

• External links
• Readme badge

Situational Awareness script to identify how and where to run implants

☆68Dec 6, 2024Updated last year

Alternatives and similar repositories for GimmeShelter

Users that are interested in GimmeShelter are comparing it to the libraries listed below

• strozfriedberg / DUALITY

  View on GitHub
  ☆18Feb 29, 2024Updated 2 years ago
• SpecterOps / cred1py

  View on GitHub
  A Python POC for CRED1 over SOCKS5
  ☆165Oct 5, 2024Updated last year
• Karkas66 / CelestialSpark

  View on GitHub
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆103Mar 27, 2025Updated 11 months ago
• CrowdStrike / sccmhound

  View on GitHub
  A BloodHound collector for Microsoft Configuration Manager
  ☆392Jul 7, 2025Updated 8 months ago
• ricardojoserf / NativeBypassCredGuard

  View on GitHub
  Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
  ☆267Apr 8, 2025Updated 11 months ago
• layer8secure / ConvertHound

  View on GitHub
  An easy way to convert BloodHound output files into data that can be imported into reporting software like Dradis and Plextrac. Built by …
  ☆18Oct 15, 2020Updated 5 years ago
• paranoidninja / BRC4-BOF-Artillery

  View on GitHub
  ☆147Nov 6, 2025Updated 4 months ago
• fin3ss3g0d / IoDllProxyLoad

  View on GitHub
  DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly
  ☆63Mar 19, 2024Updated last year
• outflanknl / unmanaged-dotnet-patch

  View on GitHub
  Modify managed functions from unmanaged code
  ☆53Feb 1, 2024Updated 2 years ago
• MayerDaniel / profiler-lateral-movement

  View on GitHub
  Lateral Movement via the .NET Profiler
  ☆100Nov 21, 2024Updated last year
• vysecurity / ExfilServer

  View on GitHub
  Client-side Encrypted Upload Server Python Script
  ☆67Jul 10, 2025Updated 8 months ago
• 0xHossam / HuffLoader

  View on GitHub
  Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.
  ☆283Apr 6, 2025Updated 11 months ago
• logangoins / Krueger

  View on GitHub
  Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC
  ☆424Sep 29, 2025Updated 5 months ago
• klezVirus / RAIWhateverTrigger

  View on GitHub
  Local SYSTEM auth trigger for relaying - X
  ☆154Jul 23, 2025Updated 7 months ago
• deepinstinct / DCOMUploadExec

  View on GitHub
  DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely
  ☆382Dec 13, 2024Updated last year
• xforcered / RemoteMonologue

  View on GitHub
  Weaponizing DCOM for NTLM Authentication Coercions
  ☆274Jul 1, 2025Updated 8 months ago
• jsecu / BOF-pack-1

  View on GitHub
  A care package of useful bofs for red team engagments
  ☆53Dec 6, 2024Updated last year
• sudonoodle / BOF-entra-authcode-flow

  View on GitHub
  Beacon Object File (BOF) to obtain Entra tokens via authcode flow.
  ☆124Jan 17, 2026Updated last month
• dmcxblue / NtCreateUserProcessBOF

  View on GitHub
  An Aggressor Script that utilizes NtCreateUserProcess to run binaries
  ☆30Jan 30, 2025Updated last year
• boku7 / patchwerk

  View on GitHub
  BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)
  ☆194Feb 6, 2025Updated last year
• BlackSnufkin / LitterBox

  View on GitHub
  A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Inte…
  ☆1,317Nov 12, 2025Updated 3 months ago
• NtDallas / KrakenMask

  View on GitHub
  Sleep obfuscation
  ☆270Dec 13, 2024Updated last year
• coffeegist / bofhound

  View on GitHub
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆364Jan 29, 2026Updated last month
• ricardojoserf / SharpNado

  View on GitHub
  Repository to gather the .NET malware I will be developing
  ☆18Mar 23, 2025Updated 11 months ago
• idnahacks / NetCeasePlusPlus

  View on GitHub
  Takes the original idea of NetCease and adds functionality
  ☆24Feb 6, 2022Updated 4 years ago
• zh54321 / PoCEntraDeviceComplianceBypass

  View on GitHub
  Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy
  ☆167Nov 17, 2025Updated 3 months ago
• hackerhouse-opensource / Gigabyte_ElevatePersist

  View on GitHub
  Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…
  ☆34Feb 2, 2026Updated last month
• rotarydrone / GlobalUnProtect

  View on GitHub
  Decrypt GlobalProtect configuration and cookie files.
  ☆157Sep 10, 2024Updated last year
• Cipher7 / havoc-SauronEye

  View on GitHub
  ☆11Dec 8, 2023Updated 2 years ago
• nyxgeek / autodiscover_enum

  View on GitHub
  time-based user enum via Basic Auth in Azure against Autodiscover
  ☆34Oct 3, 2024Updated last year
• Sh0ckFR / API-Hashing

  View on GitHub
  A basic exemple of the API-Hashing method used by Red Teamers but also by malwares developers in C++
  ☆37Jan 10, 2024Updated 2 years ago
• FalconForceTeam / bof-winrm-client

  View on GitHub
  ☆126Jan 23, 2025Updated last year
• som3canadian / Mythic_NimSyscallPacker_Wrapper

  View on GitHub
  Mythic C2 wrapper for NimSyscallPacker
  ☆25Mar 12, 2025Updated 11 months ago
• zyn3rgy / smbtakeover

  View on GitHub
  BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
  ☆345Nov 19, 2024Updated last year
• xforcered / ForsHops

  View on GitHub
  ForsHops
  ☆152Mar 25, 2025Updated 11 months ago
• ibaiC / FriendlyFireBOF

  View on GitHub
  A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.
  ☆57Apr 14, 2025Updated 10 months ago
• ricardojoserf / BOF_Files

  View on GitHub
  Repository to gather the BOF files I will be developing
  ☆11Oct 1, 2024Updated last year
• MalwareTech / EDRception

  View on GitHub
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆204Dec 27, 2023Updated 2 years ago
• boku7 / DarkWidow

  View on GitHub
  Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
  ☆15Feb 13, 2024Updated 2 years ago