Alternatives and similar repositories for Living-off-the-COM-Type-Coercion-Abuse

Users that are interested in Living-off-the-COM-Type-Coercion-Abuse are comparing it to the libraries listed below

• cybersectroll / TrollDisappearKey

  View on GitHub
  ☆52Jul 8, 2025Updated 7 months ago
• dmcxblue / Claude-C2

  View on GitHub
  Utilizng an MCP Server to communicate with your C2
  ☆86May 15, 2025Updated 9 months ago
• aitorfirm / BlackIris

  View on GitHub
  Thats it! An Open-Source Windows UEFI Rootkit
  ☆28Jul 19, 2025Updated 6 months ago
• G0ldenGunSec / SCCM_SQL_Collector

  View on GitHub
  PoC script to demonstrate collection of SCCM attack paths that can be viewed in BH with OpenGraph
  ☆24Aug 2, 2025Updated 6 months ago
• dagowda / PrimeEncryptor

  View on GitHub
  ☆81Apr 28, 2025Updated 9 months ago
• Slowerzs / KeyJumper

  View on GitHub
  ☆53Mar 26, 2025Updated 10 months ago
• EspressoCake / ADIDNS_Parser

  View on GitHub
  Parser and reconciliation tooling for large Active Directory environments.
  ☆33Feb 18, 2025Updated 11 months ago
• Fudgedotdotdot / nimpersonate

  View on GitHub
  Impersonate Windows tokens in Nim
  ☆23Aug 4, 2025Updated 6 months ago
• goichot / OverLAPS

  View on GitHub
  Supporting PoCs and scripts for my talk "OverLAPS: Overriding LAPS Logic"
  ☆22Oct 12, 2025Updated 4 months ago
• backdoorskid / ClrAmsiScanPatcher

  View on GitHub
  Patches the AmsiScan function in clr.dll allowing for unrestricted assembly loading in .NET
  ☆50May 5, 2025Updated 9 months ago
• zimnyaa / stoplooking

  View on GitHub
  A simple BOF that disables some logging with NtSetInformationProcess
  ☆13Oct 13, 2023Updated 2 years ago
• hackforyourentertainment / Misery

  View on GitHub
  Misery Loader to bypass modern EDR solutions
  ☆17Dec 20, 2024Updated last year
• antman1p / JXA_Proc_Tree

  View on GitHub
  A JXA script for enumerating running processes, printed out in a json, parent-child tree.
  ☆14Jan 28, 2022Updated 4 years ago
• logangoins / Stifle

  View on GitHub
  .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS
  ☆150Feb 10, 2025Updated last year
• EvilBytecode / ExitPatcher

  View on GitHub
  Prevent in-process process termination by patching exit APIs
  ☆63Nov 9, 2025Updated 3 months ago
• Archie-osu / PowerHook

  View on GitHub
  Hooking KPRCB IdlePreselect function to gain execution inside PID 0.
  ☆73Apr 13, 2025Updated 10 months ago
• strozfriedberg / DUALITY

  View on GitHub
  ☆18Feb 29, 2024Updated last year
• Darkrain2009 / RedExt

  View on GitHub
  Chrome browser extension-based Command & Control
  ☆232Jul 2, 2025Updated 7 months ago
• cybersectroll / TrollRPC

  View on GitHub
  ☆50Jul 9, 2025Updated 7 months ago
• Teach2Breach / schtask

  View on GitHub
  Rust implementation, creating a scheduled task programmatically with user logon trigger.
  ☆47Jun 10, 2025Updated 8 months ago
• patrickt2017 / VEHNetLoader

  View on GitHub
  Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies
  ☆50Jul 6, 2025Updated 7 months ago
• m8sec / Dispatch

  View on GitHub
  Evasive Payload Delivery Server & C2 Redirector
  ☆112Nov 3, 2025Updated 3 months ago
• woldann / NThread

  View on GitHub
  Stealthy x64 thread manipulation library for calling functions inside target processes without creating remote threads or installing hook…
  ☆59Oct 10, 2025Updated 4 months ago
• SlimeOnSecurity / PrintSpoofer-BOF

  View on GitHub
  ☆50May 4, 2025Updated 9 months ago
• passthehashbrowns / DInvokeProcessHollowing

  View on GitHub
  ☆31Aug 23, 2020Updated 5 years ago
• CICADA8-Research / COMThanasia

  View on GitHub
  A set of programs for analyzing common vulnerabilities in COM
  ☆246Sep 8, 2024Updated last year
• warpnet / COM-Fuzzer

  View on GitHub
  Gain insights into COM/DCOM implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By…
  ☆157Nov 23, 2025Updated 2 months ago
• SafeBreach-Labs / RPC-Racer

  View on GitHub
  Toolset to manipulate RPC clients by finding delayed services and masquerading as them
  ☆107Aug 18, 2025Updated 5 months ago
• AlmondOffSec / DCOMRunAs

  View on GitHub
  Lateral movement with DCOM DLL hijacking
  ☆177Jul 4, 2025Updated 7 months ago
• Friends-Security / RedirectThread

  View on GitHub
  Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…
  ☆198Jun 17, 2025Updated 8 months ago
• 0xthirteen / mtprocess

  View on GitHub
  Python script to leverage MSFT_MTProcess WMI class
  ☆39Sep 17, 2025Updated 5 months ago
• EvanMcBroom / sleepy

  View on GitHub
  A lexer and parser for Sleep
  ☆20May 14, 2025Updated 9 months ago
• ioncodes / SilentLoad

  View on GitHub
  "Service-less" driver loading
  ☆184Nov 28, 2024Updated last year
• ricardojoserf / SAMDump

  View on GitHub
  Extract SAM and SYSTEM using Volume Shadow Copy (VSS) API. With multiple exfiltration options and XOR obfuscation
  ☆336Feb 2, 2026Updated 2 weeks ago
• CCob / Shwmae

  View on GitHub
  ☆160Jan 27, 2025Updated last year
• FalconForceTeam / dAWShund

  View on GitHub
  Putting a leash on naughty AWS permissions
  ☆134Sep 5, 2025Updated 5 months ago
• zimnyaa / LEOPARDSEAL

  View on GitHub
  A simple Linux in-memory .so loader
  ☆33Mar 29, 2023Updated 2 years ago
• WildByDesign / ACLViewer

  View on GitHub
  ACL Viewer for Windows
  ☆132May 4, 2025Updated 9 months ago
• RWXstoned / LdrShuffle

  View on GitHub
  Code execution/injection technique using DLL PEB module structure manipulation
  ☆220Jun 4, 2025Updated 8 months ago