Alternatives and similar repositories for smugglo

Users that are interested in smugglo are comparing it to the libraries listed below

• xelemental / Mal-LNK-Generator

  View on GitHub
  ☆39Mar 28, 2025Updated 10 months ago
• xyplex3 / RedTeamCoin

  View on GitHub
  Red Team Coin for crypto-mining operations.
  ☆23Jan 12, 2026Updated last month
• b3rito / peeko

  View on GitHub
  peeko – Browser-based XSS C2 for stealthy internal network exploration via infected browser.
  ☆222Apr 14, 2025Updated 10 months ago
• som3canadian / Mythic_NimSyscallPacker_Wrapper

  View on GitHub
  Mythic C2 wrapper for NimSyscallPacker
  ☆25Mar 12, 2025Updated 11 months ago
• redr0nin / Serenity

  View on GitHub
  C# DInvoke Shellcode Runner
  ☆31Feb 10, 2025Updated last year
• NtDallas / Svartalfheim

  View on GitHub
  Stage 0
  ☆169Dec 18, 2024Updated last year
• tdeerenberg / InlineWhispers3

  View on GitHub
  Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion
  ☆99Jul 9, 2025Updated 7 months ago
• rxOred / process-hollowing

  View on GitHub
  process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread
  ☆31Jan 9, 2022Updated 4 years ago
• ttpreport / siphondns

  View on GitHub
  Covert data exfiltration via DNS
  ☆51Feb 8, 2025Updated last year
• Teach2Breach / pool_party_rs

  View on GitHub
  remote process injections using pool party techniques
  ☆70Jun 29, 2025Updated 7 months ago
• dmcxblue / AzureFunctionRedirector

  View on GitHub
  ☆50Apr 9, 2025Updated 10 months ago
• dmcxblue / AzureRedirector

  View on GitHub
  A C# project that builds a Web Application which redirects all HTTPS
  ☆26Feb 11, 2025Updated last year
• The-Viper-One / Invoke-RDPThief

  View on GitHub
  Inject RDPThief into memory with PowerShell.
  ☆65Jan 21, 2025Updated last year
• BlackSnufkin / HolyGrail

  View on GitHub
  BYOVD hunter to help prioritize windows drivers worth manual analysis
  ☆74Aug 19, 2025Updated 5 months ago
• CyberSecurityUP / ShadowPhish

  View on GitHub
  ShadowPhish is an advanced APT awareness toolkit designed to simulate real-world phishing, malware delivery, deepfakes, smishing/vishing,…
  ☆223Apr 18, 2025Updated 9 months ago
• MorDavid / BloodHoundViewer

  View on GitHub
  Addon for BHCE
  ☆58Apr 1, 2025Updated 10 months ago
• zh54321 / PoCEntraDeviceComplianceBypass

  View on GitHub
  Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy
  ☆167Nov 17, 2025Updated 2 months ago
• logangoins / Stifle

  View on GitHub
  .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS
  ☆150Feb 10, 2025Updated last year
• 0xNinjaCyclone / EarlyCascade

  View on GitHub
  A PoC for Early Cascade process injection technique.
  ☆208Jan 30, 2025Updated last year
• ad0nis / ntlm_relay_gat

  View on GitHub
  ☆167Feb 29, 2024Updated last year
• b3rito / b3acon

  View on GitHub
  b3acon - a mail-based C2 that communicates via an in-memory C# IMAP client dynamically compiled in memory using PowerShell.
  ☆45Apr 21, 2025Updated 9 months ago
• furax124 / Protect_Loader

  View on GitHub
  A fucking real shellcode loader with a GUI. Work-in-Progress.
  ☆82Jun 25, 2025Updated 7 months ago
• boku7 / patchwerk

  View on GitHub
  BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)
  ☆195Feb 6, 2025Updated last year
• Maldev-Academy / ExecutePeFromPngViaLNK

  View on GitHub
  Extract and execute a PE embedded within a PNG file using an LNK file.
  ☆466Nov 2, 2024Updated last year
• ZephrFish / GoClipC2

  View on GitHub
  Clipboard for Command and Control between VDI, RDP and Others on Windows
  ☆50Dec 7, 2025Updated 2 months ago
• iilegacyyii / DataInject-BOF

  View on GitHub
  Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll
  ☆135Apr 18, 2025Updated 9 months ago
• DarkSpaceSecurity / RunAs-Stealer

  View on GitHub
  RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging
  ☆203Mar 6, 2025Updated 11 months ago
• amjcyber / pwnlook

  View on GitHub
  An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…
  ☆166Oct 9, 2024Updated last year
• hdbreaker / Nimhawk

  View on GitHub
  A powerful, modular, lightweight and efficient command & control framework written in Nim.
  ☆216Nov 3, 2025Updated 3 months ago
• 0xsch1zo / NullGate

  View on GitHub
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆165Jul 30, 2025Updated 6 months ago
• nafiez / DataBlockNTLMLeak

  View on GitHub
  Windows Shell Link (LNK) Proof of Concept
  ☆16Jul 19, 2025Updated 6 months ago
• MythicC2Profiles / smb

  View on GitHub
  P2P Communications of Named Pipes
  ☆12Dec 11, 2025Updated 2 months ago
• IceCubeSandwich / chronix

  View on GitHub
  A self-hosted, real-time collaborative workspace for offensive security assessments.
  ☆36Jan 27, 2026Updated 2 weeks ago
• dmcxblue / PyObscura

  View on GitHub
  A python script that automates a C2 Profile build
  ☆48Dec 14, 2025Updated 2 months ago
• cybersectroll / TrollAMSI

  View on GitHub
  ☆186Jun 14, 2025Updated 8 months ago
• doyensec / malicious-devfile-registry

  View on GitHub
  Exploit for CVE-2024-0402 in Gitlab
  ☆15Mar 18, 2025Updated 10 months ago
• EvilBytecode / EvilByte-Remote-AMSI-Bypass

  View on GitHub
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆54May 12, 2025Updated 9 months ago
• LuemmelSec / APEX

  View on GitHub
  Azure Post Exploitation Framework
  ☆244Oct 27, 2025Updated 3 months ago
• JumpsecLabs / TokenSmith

  View on GitHub
  TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and …
  ☆376Jan 23, 2025Updated last year