Alternatives and similar repositories for COM-to-the-Darkside

Users that are interested in COM-to-the-Darkside are comparing it to the libraries listed below

• Fitretech-Security / dylight
  macOS dylib stager
  ☆36Updated 11 months ago
• yo-yo-yo-jbo / commandline_spoofing
  Commandline spoofing on Windows
  ☆89Updated last month
• OtterHacker / AWSRoundRobin
  ☆41Updated 10 months ago
• kapellos / LNKSmuggler
  A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.
  ☆90Updated last year
• rasta-mouse / pwnlift
  Easy peasy file uploads
  ☆33Updated 4 months ago
• mez-0 / citadel
  A Payload Analysis Framework
  ☆112Updated 3 months ago
• whokilleddb / sinister-vsix
  Blog/Journal on how to backdoor VSCode extensions
  ☆76Updated 5 months ago
• outflanknl / regcertipy
  Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does
  ☆95Updated 6 months ago
• nickvourd / Rocabella
  Sniffing files generator
  ☆59Updated 10 months ago
• hoodoer / DragonHash
  Demo code JavaScript POC that tricks user into sending Windows hash to responder
  ☆35Updated 3 weeks ago
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆39Updated last year
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated last year
• thiagopeixoto / mystique-self-injection
  An improvement and a different approach to Mockingjay Self-Injection.
  ☆35Updated last year
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆44Updated last year
• 0xthirteen / rpc2wc
  RPC to WebClient startup
  ☆53Updated 4 months ago
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆30Updated last year
• winsecurity / AMSI-Bypass-HWBP
  ☆26Updated 4 months ago
• KingOfTheNOPs / Get-NetNTLM
  Internal Monologue BOF
  ☆79Updated last year
• bot984397 / eepy
  ☆38Updated 8 months ago
• dis0rder0x00 / stillepost
  Using Chromium-based browsers as a proxy for C2 traffic.
  ☆134Updated last month
• Karkas66 / EarlyCascadeImprooved
  an Improoved Version of 0xNinjaCyclone´s EarlyCascade Code
  ☆22Updated 10 months ago
• mochabyte0x / TrampoLatte
  A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow
  ☆17Updated 6 months ago
• garrettfoster13 / CVE-2025-59501
  CVE-2025-59501 POC code
  ☆24Updated last month
• nbaertsch / PoolProxy
  Proxy function calls through the thread pool with ease
  ☆31Updated 10 months ago
• OtterHacker / Hooker
  ☆108Updated last year
• EvilBytecode / Lifetime-AmsiBypass
  Lifetime AMSI bypass.
  ☆36Updated 8 months ago
• EspressoCake / ADIDNS_Parser
  Parser and reconciliation tooling for large Active Directory environments.
  ☆33Updated 10 months ago
• D4rthMaulCop / DumpKernel-S1
  A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80
  ☆21Updated 9 months ago
• MartinoTommasini / offlineSCCMdecrypt
  Step-by-step documentation on how to decrypt SCCM database secrets offline
  ☆50Updated 2 months ago
• kozmer / rspy
  rust port of pspy with support for process monitoring over dbus
  ☆35Updated this week