Alternatives and similar repositories for fileless-xec

Users that are interested in fileless-xec are comparing it to the libraries listed below

• ariary / QueenSono
  Golang binary for data exfiltration with ICMP protocol (+ ICMP bindshell, http over ICMP tunneling, ...)
  ☆166Updated 4 years ago
• adamsvoboda / nim-loader
  WIP shellcode loader in nim with EDR evasion techniques
  ☆221Updated 3 years ago
• dobin / antnium
  A C2 framework for initial access in Go
  ☆200Updated 3 years ago
• iDigitalFlame / XMT
  eXtensiable Malware Toolkit: Full Featured Golang C2 Framework with Awesome Features
  ☆103Updated last month
• Enelg52 / KittyStager
  KittyStager is a simple stage 0 C2. It is made of a web server to host the shellcode and an implant, called kitten. The purpose of this p…
  ☆229Updated 2 years ago
• andreiverse / grc2
  grim reaper c2
  ☆346Updated 3 years ago
• f1zm0 / hades
  Go shellcode loader that combines multiple evasion techniques
  ☆387Updated 2 years ago
• xforcered / BokuLoader
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆336Updated last year
• N4kedTurtle / PersistBOF
  A BOF to automate common persistence tasks for red teamers
  ☆291Updated 2 years ago
• S3cur3Th1sSh1t / NimGetSyscallStub
  Get fresh Syscalls from a fresh ntdll.dll copy
  ☆236Updated 4 years ago
• kleiton0x00 / Shelltropy
  A technique of hiding malicious shellcode via Shannon encoding.
  ☆260Updated 3 years ago
• t3hbb / NSGenCS
  Extendable payload obfuscation and delivery framework
  ☆146Updated 3 years ago
• Cerbersec / DomainBorrowingC2
  ☆170Updated 4 years ago
• f1zm0 / acheron
  indirect syscalls for AV/EDR evasion in Go assembly
  ☆349Updated 2 years ago
• pwn1sher / WMEye
  WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement
  ☆369Updated 4 years ago
• S3cur3Th1sSh1t / SharpNamedPipePTH
  Pass the Hash to a named pipe for token Impersonation
  ☆312Updated 2 years ago
• HavocFramework / Talon
  (Demo) 3rd party agent for Havoc
  ☆147Updated 2 years ago
• nettitude / ShellcodeMutator
  ☆247Updated 3 years ago
• boku7 / injectAmsiBypass
  Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
  ☆382Updated 2 years ago
• Trackflaw / CVE-2023-23397
  Simple PoC of the CVE-2023-23397 vulnerability with the payload sent by email.
  ☆127Updated 2 years ago
• Ne0nd0g / merlin-agent
  Post-exploitation agent for Merlin
  ☆206Updated 9 months ago
• preemptdev / bluffy
  Convert shellcode into different formats!
  ☆358Updated 3 years ago
• mdsecactivebreach / DragonCastle
  A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.
  ☆301Updated 3 years ago
• Sh0ckFR / Lockbit3.0-MpClient-Defender-PoC
  Lockbit3.0 Microsoft Defender MpClient.dll DLL Hijacking PoC
  ☆176Updated 3 years ago
• Cobalt-Strike / sleep_python_bridge
  This project is 'bridge' between the sleep and python language. It allows the control of a Cobalt Strike teamserver through python withou…
  ☆187Updated 5 months ago
• kindtime / nosferatu
  Windows NTLM Authentication Backdoor
  ☆241Updated last year
• MythicAgents / Medusa
  Medusa is a cross-platform C2 agent compatible with Python 2.7 and 3.8, compatible with Mythic
  ☆202Updated 5 months ago
• ly4k / PrintNightmare
  Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527)
  ☆205Updated 4 years ago
• S3cur3Th1sSh1t / Nim-RunPE
  A Nim implementation of reflective PE-Loading from memory
  ☆298Updated last year
• klezVirus / CandyPotato
  Pure C++, weaponized, fully automated implementation of RottenPotatoNG
  ☆312Updated 4 years ago