XiaoliChan/RedCaddy external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

XiaoliChan/RedCaddy

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/XiaoliChan/RedCaddy)

Close

XiaoliChan / RedCaddyView on GitHubMore

• External links
• Readme badge

C2 redirector base on caddy

☆212May 28, 2024Updated 2 years ago

Alternatives and similar repositories for RedCaddy

Users that are interested in RedCaddy are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• XiaoliChan / Xiaoli-Tools

  View on GitHub
  ☆15Aug 1, 2023Updated 2 years ago
• XiaoliChan / Invoke-sAMSpoofing

  View on GitHub
  CVE-2021-42287/CVE-2021-42278 exploits in powershell
  ☆39Apr 4, 2022Updated 4 years ago
• XiaoliChan / wmiexec-Pro

  View on GitHub
  New generation of wmiexec.py
  ☆1,287Apr 26, 2026Updated last month
• XiaoliChan / LDAPShell

  View on GitHub
  A wrapper of ldap_shell.py module which in ntlmrelayx
  ☆62Sep 22, 2022Updated 3 years ago
• baiyies / ScreenshotBOFPlus

  View on GitHub
  Take a screenshot without injection for Cobalt Strike
  ☆205Jun 7, 2023Updated 3 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• icyguider / LightsOut

  View on GitHub
  Generate an obfuscated DLL that will disable AMSI & ETW
  ☆334Jul 15, 2024Updated last year
• Ridter / atexec-pro

  View on GitHub
  Fileless atexec, no more need for port 445
  ☆410Mar 28, 2024Updated 2 years ago
• Octoberfest7 / DropSpawn_BOF

  View on GitHub
  CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
  ☆289Jun 8, 2023Updated 3 years ago
• CodeXTF2 / WindowSpy

  View on GitHub
  WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.
  ☆284Feb 24, 2025Updated last year
• REDMED-X / OperatorsKit

  View on GitHub
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆694Aug 15, 2025Updated 9 months ago
• RedSiege / GraphStrike

  View on GitHub
  Cobalt Strike HTTPS beaconing over Microsoft Graph API
  ☆632Jun 25, 2024Updated last year
• Tw1sm / SQL-BOF

  View on GitHub
  Library of BOFs to interact with SQL servers
  ☆241Dec 3, 2025Updated 6 months ago
• CodeXTF2 / Burp2Malleable

  View on GitHub
  Quick python utility I wrote to turn HTTP requests from burp suite into Cobalt Strike Malleable C2 profiles
  ☆417Apr 6, 2023Updated 3 years ago
• wikiZ / RedGuard

  View on GitHub
  RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.
  ☆1,565Aug 20, 2024Updated last year
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• susMdT / effective-waffle

  View on GitHub
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆69May 11, 2023Updated 3 years ago
• XiaoliChan / CrackMapExec-Extension

  View on GitHub
  CrackMapExec extension module/protocol support
  ☆43Sep 12, 2023Updated 2 years ago
• WKL-Sec / HiddenDesktop

  View on GitHub
  HVNC for Cobalt Strike
  ☆1,332Dec 7, 2023Updated 2 years ago
• Mr-Un1k0d3r / Cookie-and-Handle-Stealer

  View on GitHub
  C or BOF file to extract WebKit master key to decrypt user cookie
  ☆208Apr 29, 2024Updated 2 years ago
• Octoberfest7 / CVE-2023-36874_BOF

  View on GitHub
  Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE
  ☆205Aug 25, 2023Updated 2 years ago
• Octoberfest7 / Inline-Execute-PE

  View on GitHub
  Execute unmanaged Windows executables in CobaltStrike Beacons
  ☆721Mar 4, 2023Updated 3 years ago
• jiushill / wmi-hack-py

  View on GitHub
  ☆49May 8, 2023Updated 3 years ago
• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,020Jun 4, 2024Updated 2 years ago
• CodeXTF2 / ScreenshotBOF

  View on GitHub
  An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memor…
  ☆499Dec 7, 2025Updated 6 months ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• WKL-Sec / Malleable-CS-Profiles

  View on GitHub
  A list of python tools to help create an OPSEC-safe Cobalt Strike profile.
  ☆523Jun 2, 2026Updated last week
• seahop / titan

  View on GitHub
  Titan: A generic user defined reflective DLL for Cobalt Strike
  ☆85Nov 20, 2022Updated 3 years ago
• NVISOsecurity / CobaltWhispers

  View on GitHub
  CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…
  ☆241Jan 4, 2023Updated 3 years ago
• Sq00ky / RunAsPasswd

  View on GitHub
  A RunAs clone with the ability to specify the password as an argument.
  ☆112Jul 2, 2023Updated 2 years ago
• mgeeky / RedWarden

  View on GitHub
  Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation
  ☆993Oct 7, 2022Updated 3 years ago
• VoldeSec / PatchlessCLRLoader

  View on GitHub
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆381Apr 19, 2023Updated 3 years ago
• boku7 / BokuLoader

  View on GitHub
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆1,411Nov 22, 2023Updated 2 years ago
• Orange-Cyberdefense / EDRSnowblast

  View on GitHub
  This project is an EDRSandblast fork, adding some features and custom pieces of code.
  ☆25Sep 29, 2023Updated 2 years ago
• wavvs / nanorobeus

  View on GitHub
  COFF file (BOF) for managing Kerberos tickets.
  ☆326Jul 2, 2023Updated 2 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• Octoberfest7 / EventViewerUAC_BOF

  View on GitHub
  Beacon Object File implementation of Event Viewer deserialization UAC bypass
  ☆132May 6, 2022Updated 4 years ago
• mgeeky / ElusiveMice

  View on GitHub
  Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
  ☆489Jul 12, 2023Updated 2 years ago
• AgeloVito / adduserbysamr-bof

  View on GitHub
  Cobalt Strike BOF that Add a user to localgroup by samr
  ☆141Nov 30, 2022Updated 3 years ago
• 0xEr3bus / RdpStrike

  View on GitHub
  Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
  ☆251Jun 11, 2024Updated 2 years ago
• m3rcer / Chisel-Strike

  View on GitHub
  A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.
  ☆461Mar 25, 2024Updated 2 years ago
• deepinstinct / ContainYourself

  View on GitHub
  A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.
  ☆320Aug 31, 2023Updated 2 years ago
• wh0amitz / BypassCredGuard

  View on GitHub
  Credential Guard Bypass Via Patching Wdigest Memory
  ☆337Feb 3, 2023Updated 3 years ago