Alternatives and similar repositories for Lodestar-Forge

Users that are interested in Lodestar-Forge are comparing it to the libraries listed below

• Nomad0x7 / sekken-enum

  View on GitHub
  adws enumeration bof
  ☆162Oct 2, 2025Updated 4 months ago
• xyplex3 / RedTeamCoin

  View on GitHub
  Red Team Coin for crypto-mining operations.
  ☆23Jan 12, 2026Updated last month
• WKL-Sec / slack-udc2

  View on GitHub
  Cobalt Strike UDC2 implementation that provides an Slack C2 channel
  ☆60Jan 5, 2026Updated last month
• zarkones / BloodfangC2

  View on GitHub
  Modern PIC implant for Windows (64 & 32 bit)
  ☆105Jul 23, 2025Updated 6 months ago
• jhalon / cSessionHop

  View on GitHub
  Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM
  ☆63Dec 25, 2025Updated last month
• whokilleddb / sinister-vsix

  View on GitHub
  Blog/Journal on how to backdoor VSCode extensions
  ☆76Updated this week
• asaurusrex / Silent_Chrome

  View on GitHub
  This code silently installs Chrome extensions on Mac, Windows, and Linux
  ☆128Jul 22, 2025Updated 6 months ago
• 0xRedpoll / ludus_cobaltstrike_teamserver

  View on GitHub
  Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers
  ☆18Mar 19, 2025Updated 10 months ago
• ibaiC / FriendlyFireBOF

  View on GitHub
  A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.
  ☆57Apr 14, 2025Updated 10 months ago
• Teach2Breach / stargate

  View on GitHub
  Locate dlls and function addresses without PEB Walk and EAT parsing
  ☆104Nov 7, 2025Updated 3 months ago
• kozmer / aad-bofs

  View on GitHub
  ☆137Nov 17, 2025Updated 2 months ago
• grayhatkiller / wambam-bof

  View on GitHub
  ☆47Dec 5, 2025Updated 2 months ago
• pard0p / Remote-BOF-Runner

  View on GitHub
  Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …
  ☆88Jan 2, 2026Updated last month
• dmcxblue / PyObscura

  View on GitHub
  A python script that automates a C2 Profile build
  ☆48Dec 14, 2025Updated 2 months ago
• trickster0 / PrimitiveInjection

  View on GitHub
  PrimitiveInjection by using Read, Write and Allocation Primitives.
  ☆53Jun 21, 2025Updated 7 months ago
• outflanknl / regcertipy

  View on GitHub
  Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does
  ☆94Jul 3, 2025Updated 7 months ago
• rasta-mouse / Crystal-Loaders

  View on GitHub
  A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike
  ☆184Oct 29, 2025Updated 3 months ago
• OtterHacker / AWSDoor

  View on GitHub
  AWSDoor is a red team automation tool designed to simulate advanced attacker behavior in AWS environments
  ☆30Sep 17, 2025Updated 4 months ago
• rad9800 / byor

  View on GitHub
  ☆163Jun 12, 2025Updated 8 months ago
• rasta-mouse / SpawnWith

  View on GitHub
  ☆109Feb 17, 2025Updated 11 months ago
• vysecurity / ExfilServer

  View on GitHub
  Client-side Encrypted Upload Server Python Script
  ☆66Jul 10, 2025Updated 7 months ago
• xRedCodex / BofArsenal

  View on GitHub
  The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23
  ☆23Jun 19, 2025Updated 7 months ago
• kypvas / LDIFToBloodHound

  View on GitHub
  A Windows tool that converts LDIF files to BloodHound CE
  ☆25Dec 20, 2025Updated last month
• zero2504 / Early-Cryo-Bird-Injections

  View on GitHub
  Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects
  ☆135Apr 6, 2025Updated 10 months ago
• MaorSabag / impacket-jump

  View on GitHub
  Remote service-staging tool built on Impacket, designed for BOF-style lateral movement workflows that lets you upload custom service load…
  ☆119Dec 7, 2025Updated 2 months ago
• ricardojoserf / NativeTokenImpersonate

  View on GitHub
  Impersonate Tokens using only NTAPI functions
  ☆83Apr 4, 2025Updated 10 months ago
• NtDallas / OdinLdr

  View on GitHub
  Cobaltstrike Reflective Loader with Synthetic Stackframe
  ☆183Jan 17, 2026Updated 3 weeks ago
• Cracked5pider / earlycascade-injection

  View on GitHub
  early cascade injection PoC based on Outflanks blog post
  ☆236Nov 7, 2024Updated last year
• ofasgard / execute-assembly-pico

  View on GitHub
  A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.
  ☆128Jan 28, 2026Updated 2 weeks ago
• 0xNinjaCyclone / EarlyCascade

  View on GitHub
  A PoC for Early Cascade process injection technique.
  ☆208Jan 30, 2025Updated last year
• CCob / DRSAT

  View on GitHub
  Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…
  ☆273Dec 27, 2024Updated last year
• dr4ndrei / OHFFLdr

  View on GitHub
  One-header configurable C++20 COFF loader
  ☆21Jul 21, 2025Updated 6 months ago
• garrettfoster13 / fustercluck

  View on GitHub
  POC tool to abuse windows server failover clusters
  ☆54Aug 7, 2025Updated 6 months ago
• Xenov-X / csbot

  View on GitHub
  Golang Automation Framework for Cobalt Strike using the Rest API
  ☆55Dec 4, 2025Updated 2 months ago
• Teach2Breach / rpeloader

  View on GitHub
  use python on windows with full submodule support without installation
  ☆30Jan 23, 2025Updated last year
• 0xbad53c / OffSecOps-Arsenal

  View on GitHub
  Aggressor script to automatically download and load an arsenal of open source and private Cobalt Strike tooling.
  ☆45Aug 16, 2024Updated last year
• 0xTriboulet / ai-postex

  View on GitHub
  Proof-of-concept implementation of AI-enabled postex DLLs
  ☆54Sep 10, 2025Updated 5 months ago
• absolomb / FindMeAccess

  View on GitHub
  ☆193Dec 17, 2025Updated last month
• xforcered / Being-A-Good-CLR-Host

  View on GitHub
  ☆139Jan 16, 2025Updated last year