Alternatives and similar repositories for Erebus

Users that are interested in Erebus are comparing it to the libraries listed below

• phishingclub / session-sushi

  View on GitHub
  Zero dependency browser extension for handling import of cookies, Microsoft 365 OAuth tokens, and Graph API interactions.
  ☆22Dec 31, 2025Updated last month
• t1Sh1n4 / Umbrella

  View on GitHub
  Umbrella will protect your shellcode from the rain.
  ☆31Jun 4, 2025Updated 8 months ago
• mrexodia / zeromcp

  View on GitHub
  Zero-dependency MCP server implementation.
  ☆57Dec 4, 2025Updated 2 months ago
• kozmer / rspy

  View on GitHub
  rust port of pspy with support for process monitoring over dbus
  ☆35Jan 4, 2026Updated last month
• CodeXTF2 / Cobaltstrike_BOFLoader

  View on GitHub
  open source port/reimplementation of the Cobalt Strike BOF Loader as is
  ☆64Feb 3, 2026Updated last week
• NetSPI / ATEAM

  View on GitHub
  ☆139Sep 9, 2025Updated 5 months ago
• CodeXTF2 / bof_template

  View on GitHub
  BOF template with boflink and mutator kit support
  ☆49Jan 8, 2026Updated last month
• y-security / stealthguardian

  View on GitHub
  StealthGuardian is a middleware layer that can be combined with adversary simulation tools to verify the resistance, detection level and…
  ☆20Aug 7, 2024Updated last year
• MythicMeta / Pantheon

  View on GitHub
  Community Eventing and Scripting examples
  ☆18Aug 11, 2025Updated 6 months ago
• MythicAgents / nemesis

  View on GitHub
  Nemesis agent for Mythic
  ☆28Dec 11, 2025Updated 2 months ago
• mtholmquist / sidecar

  View on GitHub
  Decoupled AI copilot for pentesting & CTFs. Sidecar tails your shell history, parses tool outputs, grounds suggestions in your notes, and…
  ☆13Nov 21, 2025Updated 2 months ago
• aniko33 / AlcatrazLdr

  View on GitHub
  Evasive shellcode loader with indirect syscalls, Thread name-calling allocation, PoolParty injection
  ☆10Feb 26, 2025Updated 11 months ago
• ibaiC / MFade

  View on GitHub
  A python port of @dafthack's MFAsweep with some added OPSEC functionality. MFAde can be used to find single-factor authentication failure…
  ☆50Jul 18, 2025Updated 6 months ago
• xephora / Tech-Scripts-n-Goodies

  View on GitHub
  ☆14Dec 24, 2025Updated last month
• KingOfTheNOPs / ChangeWallpaper-BOF

  View on GitHub
  Cobalt Strike Beacon Object File to to change the user's desktop wallpaper
  ☆16Sep 15, 2023Updated 2 years ago
• ibaiC / FriendlyFireBOF

  View on GitHub
  A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.
  ☆57Apr 14, 2025Updated 10 months ago
• 0xTriboulet / ai-postex

  View on GitHub
  Proof-of-concept implementation of AI-enabled postex DLLs
  ☆54Sep 10, 2025Updated 5 months ago
• Teach2Breach / stargate

  View on GitHub
  Locate dlls and function addresses without PEB Walk and EAT parsing
  ☆104Nov 7, 2025Updated 3 months ago
• mez-0 / citadel

  View on GitHub
  A Payload Analysis Framework
  ☆116Oct 9, 2025Updated 4 months ago
• OleFredrik1 / remoteKrbRelayx

  View on GitHub
  A tool for coercing and relaying Kerberos authentication over DCOM and RPC.
  ☆146Jul 17, 2025Updated 6 months ago
• MythicMeta / ExampleContainers

  View on GitHub
  Examples of various container types for Python and Golang
  ☆16Aug 29, 2025Updated 5 months ago
• Cracked5pider / earlycascade-injection

  View on GitHub
  early cascade injection PoC based on Outflanks blog post
  ☆236Nov 7, 2024Updated last year
• 0xRedpoll / ludus_mythic_teamserver

  View on GitHub
  Ludus role for deploying a Mythic Teamserver onto Linux servers
  ☆23Mar 16, 2025Updated 10 months ago
• praetorian-inc / swarmer

  View on GitHub
  A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN
  ☆81Jan 26, 2026Updated 2 weeks ago
• sakkis91 / SandboxPPL

  View on GitHub
  Golang PoC that sandboxes Defender (or other PPL) by setting its token integrity to Untrusted.
  ☆12May 28, 2025Updated 8 months ago
• tnkr / poc_monitor

  View on GitHub
  A short scraper looking for a POC of CVE-2024-49112
  ☆14Dec 16, 2024Updated last year
• OtterHacker / Hooker

  View on GitHub
  ☆109Oct 29, 2024Updated last year
• ThanniKudam / TopazTerminator

  View on GitHub
  Just another EDR killer
  ☆94Jan 21, 2026Updated 3 weeks ago
• djackreuter / btexec

  View on GitHub
  Execute shellcode via Bluetooth device authentication
  ☆40Feb 19, 2025Updated 11 months ago
• asaurusrex / Silent_Chrome

  View on GitHub
  This code silently installs Chrome extensions on Mac, Windows, and Linux
  ☆127Jul 22, 2025Updated 6 months ago
• itaymigdal / PartyLoader

  View on GitHub
  Threadless shellcode injection tool
  ☆68Aug 5, 2024Updated last year
• Macmod / ldapx

  View on GitHub
  Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.
  ☆188Dec 23, 2025Updated last month
• MythicAgents / forge

  View on GitHub
  Command Augmentation support for BOFs and .NET assemblies across agents
  ☆38Jan 12, 2026Updated last month
• kypvas / LDIFToBloodHound

  View on GitHub
  A Windows tool that converts LDIF files to BloodHound CE
  ☆25Dec 20, 2025Updated last month
• MHaggis / AppLockerGen

  View on GitHub
  AppLocker Policy Generator
  ☆25Aug 25, 2025Updated 5 months ago
• Hackcraft-Labs / ScheduleRunner

  View on GitHub
  A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation
  ☆18Dec 18, 2024Updated last year
• vmsplit / icekit

  View on GitHub
  I/O Cache-As-Ram + AMD x86_64 cache line locking | Mirror of https://codeberg.org/3itch/icekit
  ☆18Mar 10, 2025Updated 11 months ago
• logangoins / SOAPy

  View on GitHub
  SOAPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.
  ☆160Jan 23, 2026Updated 3 weeks ago
• sagiol / Terms-of-What

  View on GitHub
  Terms of Use Conditional Access M365 Evilginx Phishlet
  ☆44Jun 23, 2025Updated 7 months ago