Alternatives and similar repositories for COM-to-the-Darkside

Users that are interested in COM-to-the-Darkside are comparing it to the libraries listed below

• mdsecactivebreach / functionpeekaboo

  View on GitHub
  ☆60Oct 24, 2025Updated 3 months ago
• ricardojoserf / w11_shadow_copies

  View on GitHub
  Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11
  ☆81Jan 26, 2026Updated 2 weeks ago
• kypvas / LDIFToBloodHound

  View on GitHub
  A Windows tool that converts LDIF files to BloodHound CE
  ☆25Dec 20, 2025Updated last month
• OG-Sadpanda / SharpCat

  View on GitHub
  C# alternative to the linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly
  ☆15Jul 15, 2021Updated 4 years ago
• ofasgard / execute-assembly-pico

  View on GitHub
  A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.
  ☆128Jan 28, 2026Updated 2 weeks ago
• shaheeryasirofficial / Red-Team-Rust

  View on GitHub
  A beginner-friendly collection of Rust notes focused on Red Team Tooling • Malware Development • Systems Programming • Rust Fundamentals
  ☆58Nov 24, 2025Updated 2 months ago
• 0xTriboulet / InlineExecuteEx

  View on GitHub
  A BOF that's a BOF Loader and more
  ☆196Jan 17, 2026Updated 3 weeks ago
• fern89 / runpe-x64

  View on GitHub
  RunPE adapted for x64 and written in C, does not use RWX
  ☆28May 18, 2024Updated last year
• Scorpion-Security-Labs / OpenHashAPI

  View on GitHub
  OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…
  ☆13Oct 27, 2024Updated last year
• CodeXTF2 / cobaltstrike-sleepmask-yara

  View on GitHub
  Just a git repo for the sleepmask detection rule i found in https://codex-7.gitbook.io/codexs-terminal-window/blue-team/detecting-cobalt-…
  ☆16Jun 4, 2025Updated 8 months ago
• Allevon412 / SyscallTempering

  View on GitHub
  ☆31Jul 26, 2024Updated last year
• silentwarble / Hannibal

  View on GitHub
  Mythic C2 Agent written in x64 PIC C
  ☆84Jan 29, 2025Updated last year
• zarkones / BloodfangC2

  View on GitHub
  Modern PIC implant for Windows (64 & 32 bit)
  ☆105Jul 23, 2025Updated 6 months ago
• magisterquis / bin2memfd

  View on GitHub
  Loads a program into a memfd and runs it.
  ☆11May 22, 2022Updated 3 years ago
• dgros / Malware_Analyzer

  View on GitHub
  Framework complet d'analyse de malware
  ☆12Feb 22, 2016Updated 9 years ago
• 0xTriboulet / emerald_template

  View on GitHub
  A cmake template for crystal palace
  ☆38Dec 20, 2025Updated last month
• CodeXTF2 / CustomC2ChannelTemplate

  View on GitHub
  template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.
  ☆101Jan 10, 2026Updated last month
• Abdelrahme / WinLogHunt

  View on GitHub
  ☆22Aug 16, 2025Updated 5 months ago
• thiagopeixoto / mystique-self-injection

  View on GitHub
  An improvement and a different approach to Mockingjay Self-Injection.
  ☆35May 21, 2024Updated last year
• l00sy4 / ShellterSkelter

  View on GitHub
  Swiss army knife for payload encryption and obfuscation
  ☆28Jan 22, 2024Updated 2 years ago
• TierZeroSecurity / killerPID-BOF

  View on GitHub
  BOF to terminate a process via PID as argument
  ☆28Sep 7, 2025Updated 5 months ago
• kapellos / VladimiRED

  View on GitHub
  ☆19Dec 18, 2024Updated last year
• xforcered / VectoredExceptionHandling

  View on GitHub
  ☆35Aug 21, 2024Updated last year
• rvrsh3ll / Sharp-Suite

  View on GitHub
  My musings with C#
  ☆28Dec 23, 2022Updated 3 years ago
• sikumy / sauron

  View on GitHub
  Fast context enumeration for newly obtained Active Directory credentials.
  ☆85Aug 26, 2025Updated 5 months ago
• bmiller08 / Win10QuickSecure

  View on GitHub
  Changes MDM registry keys without the need for an MDM server to quickly disable WiFi-Sense and handle other potential security concerns i…
  ☆15Aug 10, 2015Updated 10 years ago
• NotoriousRebel / ConfigPersist

  View on GitHub
  Modifies machine.config for persistence after installing signed .net assembly onto GAC
  ☆13Mar 17, 2022Updated 3 years ago
• rvrsh3ll / FindIngressEmail

  View on GitHub
  Find Inbound Email Domains
  ☆35Dec 21, 2023Updated 2 years ago
• EspressoCake / ADIDNS_Parser

  View on GitHub
  Parser and reconciliation tooling for large Active Directory environments.
  ☆33Feb 18, 2025Updated 11 months ago
• praetorian-inc / google-redirector

  View on GitHub
  A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.
  ☆129Nov 12, 2025Updated 3 months ago
• Syslifters / split-bloodhound

  View on GitHub
  ☆18Sep 14, 2023Updated 2 years ago
• R3alM0m1X82 / SpecterPortal

  View on GitHub
  Advanced post-exploitation framework designed for Red Team operations in Entra ID, Azure and Microsoft 365 environments.
  ☆41Dec 30, 2025Updated last month
• pedro-javierf / Twicexploit

  View on GitHub
  Proof of concept open source implementation of an UAC bypass exploit, based in 2 windows failures.
  ☆12Jun 2, 2020Updated 5 years ago
• Orange-Cyberdefense / moxpack

  View on GitHub
  A Qemu Proxmox Template builder project using Packer
  ☆71Dec 5, 2025Updated 2 months ago
• deh00ni / NtDumpBOF

  View on GitHub
  ☆100Sep 1, 2024Updated last year
• MaangoTaachyon / SelfDeletion-Updated

  View on GitHub
  Updated version of a long known self deletion technique to work with 24H2.
  ☆61Jun 9, 2025Updated 8 months ago
• Hackcraft-Labs / SharpShares

  View on GitHub
  Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain
  ☆34Nov 13, 2023Updated 2 years ago
• Adaptix-Framework / templates-extender

  View on GitHub
  Templates for developing your own listeners and agents for AdaptixC2.
  ☆44Feb 3, 2026Updated last week
• FalconForceTeam / reply-url-brute

  View on GitHub
  Tool to enumerate unregistered reply URLs for single and multitenant apps in Azure
  ☆15Jan 23, 2025Updated last year