Alternatives and similar repositories for Noctilucent

Users that are interested in Noctilucent are comparing it to the libraries listed below

• EncodeGroup / AggressiveProxy

  View on GitHub
  Project to enumerate proxy configurations and generate shellcode from CobaltStrike
  ☆140Nov 4, 2020Updated 5 years ago
• Ridter / DomainHiding

  View on GitHub
  external c2 use domainhiding.
  ☆50Oct 27, 2020Updated 5 years ago
• jsecu / CredManBOF

  View on GitHub
  ☆99Sep 20, 2021Updated 4 years ago
• outflanknl / WdToggle

  View on GitHub
  A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.
  ☆220May 3, 2023Updated 2 years ago
• CCob / goreflect

  View on GitHub
  Reflective DLL loading of your favorite Golang program
  ☆173Jan 27, 2020Updated 6 years ago
• rookuu / BOFs

  View on GitHub
  Collection of beacon object files for use with Cobalt Strike to facilitate 🐚.
  ☆185Feb 11, 2021Updated 5 years ago
• rsmudge / unhook-bof

  View on GitHub
  Remove API hooks from a Beacon process.
  ☆283Sep 18, 2021Updated 4 years ago
• D00MFist / Go4aRun

  View on GitHub
  Shellcode runner in GO that incorporates shellcode encryption, remote process injection, block dlls, and spoofed parent process
  ☆231Jul 30, 2020Updated 5 years ago
• matterpreter / spotter

  View on GitHub
  Targeted Payload Execution
  ☆100Apr 9, 2020Updated 5 years ago
• med0x2e / NoAmci

  View on GitHub
  Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().
  ☆218Mar 5, 2020Updated 5 years ago
• mdsecactivebreach / RegistryStrikesBack

  View on GitHub
  ☆53Oct 20, 2020Updated 5 years ago
• G0ldenGunSec / SharpSecDump

  View on GitHub
  .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py
  ☆610Feb 16, 2023Updated 2 years ago
• outflanknl / HelpColor

  View on GitHub
  Agressor script that lists available Cobalt Strike beacon commands and colors them based on their type
  ☆211Mar 18, 2024Updated last year
• outflanknl / FindObjects-BOF

  View on GitHub
  A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…
  ☆275May 3, 2023Updated 2 years ago
• darkr4y / geacon

  View on GitHub
  Practice Go programming and implement CobaltStrike's Beacon in Go
  ☆1,260Oct 2, 2020Updated 5 years ago
• monoxgas / Koppeling

  View on GitHub
  Adaptive DLL hijacking / dynamic export forwarding
  ☆808Jul 6, 2020Updated 5 years ago
• RedSiege / C2concealer

  View on GitHub
  C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike.
  ☆1,097Jun 25, 2024Updated last year
• emcghee / PayloadAutomation

  View on GitHub
  ☆121Jun 17, 2022Updated 3 years ago
• Mr-B0b / SpaceRunner

  View on GitHub
  This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes thr…
  ☆196Jul 26, 2020Updated 5 years ago
• CCob / BOF.NET

  View on GitHub
  A .NET Runtime for Cobalt Strike's Beacon Object Files
  ☆768Sep 4, 2024Updated last year
• ReversecLabs / C3

  View on GitHub
  Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…
  ☆1,722Jan 16, 2026Updated 3 weeks ago
• mdsecactivebreach / Execute-GithubAssembly-Aggressor

  View on GitHub
  Aggressor Script to Execute Assemblies from Github
  ☆71Nov 30, 2020Updated 5 years ago
• rsmudge / ZeroLogon-BOF

  View on GitHub
  ☆163Apr 25, 2022Updated 3 years ago
• anthemtotheego / CredBandit

  View on GitHub
  Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…
  ☆219Jul 14, 2021Updated 4 years ago
• Cerbersec / DomainBorrowingC2

  View on GitHub
  ☆170May 20, 2021Updated 4 years ago
• rvrsh3ll / FindFrontableDomains

  View on GitHub
  Search for potential frontable domains
  ☆644Mar 22, 2023Updated 2 years ago
• DeimosC2 / DeimosC2

  View on GitHub
  DeimosC2 is a Golang command and control framework for post-exploitation.
  ☆1,151Apr 17, 2025Updated 9 months ago
• mgeeky / cobalt-arsenal

  View on GitHub
  My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
  ☆1,098Apr 19, 2023Updated 2 years ago
• m57 / cobaltstrike_bofs

  View on GitHub
  My CobaltStrike BOFS
  ☆165Jul 23, 2022Updated 3 years ago
• optiv / ScareCrow

  View on GitHub
  ScareCrow - Payload creation framework designed around EDR bypass.
  ☆2,869Aug 18, 2023Updated 2 years ago
• CCob / SharpBlock

  View on GitHub
  A method of bypassing EDR's active projection DLL's by preventing entry point exection
  ☆1,164Mar 31, 2021Updated 4 years ago
• michaelweber / Macrome

  View on GitHub
  Excel Macro Document Reader/Writer for Red Teamers & Analysts
  ☆524Feb 1, 2022Updated 4 years ago
• Yaxser / CobaltStrike-BOF

  View on GitHub
  Collection of beacon BOF written to learn windows and cobaltstrike
  ☆362Feb 24, 2023Updated 2 years ago
• rxwx / spoolsystem

  View on GitHub
  Print Spooler Named Pipe Impersonation for Cobalt Strike
  ☆270Jun 13, 2020Updated 5 years ago
• EncodeGroup / UAC-SilentClean

  View on GitHub
  New UAC bypass for Silent Cleanup for CobaltStrike
  ☆191Jul 14, 2021Updated 4 years ago
• antonioCoco / RemotePotato0

  View on GitHub
  Windows Privilege Escalation from User to Domain Admin.
  ☆1,438Dec 18, 2022Updated 3 years ago
• outflanknl / Excel4-DCOM

  View on GitHub
  PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe)
  ☆328Mar 26, 2019Updated 6 years ago
• threatexpress / cs2modrewrite

  View on GitHub
  Convert Cobalt Strike profiles to modrewrite scripts
  ☆611Jan 30, 2023Updated 3 years ago
• phra / PEzor

  View on GitHub
  Open-Source Shellcode & PE Packer
  ☆2,063Feb 3, 2024Updated 2 years ago