cbrnrd/maliketh

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/cbrnrd/maliketh)

cbrnrd / maliketh

🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python

☆45

Alternatives and similar repositories for maliketh

Users that are interested in maliketh are comparing it to the libraries listed below

Sorting:

Ap3x / COFF-Loader
View on GitHub
A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader
☆65Dec 16, 2023Updated 2 years ago
Offensive-Panda / .NET_PROFILER_DLL_LOADING
View on GitHub
.NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…
☆46Jul 29, 2024Updated last year
JayGLXR / RustySpy
View on GitHub
A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …
☆19Mar 6, 2025Updated 11 months ago
yamakadi / ldr
View on GitHub
A work in progress BOF/COFF loader in Rust
☆50Mar 22, 2023Updated 2 years ago
mgeeky / PEInfo
View on GitHub
Another Portable Executable files analysing stuff
☆21May 28, 2011Updated 14 years ago
xRedCodex / BofArsenal
View on GitHub
The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23
☆23Jun 19, 2025Updated 8 months ago
eversinc33 / GpuDecryptShellcode
View on GitHub
XOR decrypting shellcode using the GPU with OpenCL.
☆120May 22, 2025Updated 9 months ago
JayGLXR / RustyMirage
View on GitHub
A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
☆38Mar 6, 2025Updated 11 months ago
oldboy21 / RflDllOb
View on GitHub
Reflective DLL Injection Made Bella
☆249Jan 6, 2025Updated last year
ChoiSG / havoc2nginx
View on GitHub
havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…
☆12May 8, 2023Updated 2 years ago
JayGLXR / Rusty-Stardust
View on GitHub
A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…
☆59Mar 17, 2025Updated 11 months ago
mrexodia / RiscyWorkshop
View on GitHub
Payload Obfuscation for Red Teams workshop materials
☆78Nov 25, 2025Updated 3 months ago
gatariee / Winton
View on GitHub
Command and Control (C2) framework
☆132May 16, 2025Updated 9 months ago
Ben-Lichtman / reloader
View on GitHub
Reflective DLL self-loading as a library
☆21May 3, 2025Updated 9 months ago
MaorSabag / Adaptix-StealthPalace
View on GitHub
Crystal Palace RDLL loader for Adaptix C2 with Ekko sleep obfuscation, IAT hooking via PICO, and per-section permission restoration
☆65Updated this week
jc-ryan / holistic_automated_red_teaming
View on GitHub
[EMNLP 2024] Holistic Automated Red Teaming for Large Language Models through Top-Down Test Case Generation and Multi-turn Interaction
☆17Nov 9, 2024Updated last year
NoahKirchner / speedloader
View on GitHub
Rust template/library for implementing your own COFF loader
☆72Jan 27, 2025Updated last year
0xHossam / HuffLoader
View on GitHub
Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.
☆281Apr 6, 2025Updated 10 months ago
nbaertsch / PoolProxy
View on GitHub
Proxy function calls through the thread pool with ease
☆31Feb 27, 2025Updated last year
HulkOperator / Spoof-RetAddr
View on GitHub
☆36Nov 8, 2024Updated last year
Teach2Breach / snapinject_rs
View on GitHub
A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …
☆50Jan 25, 2025Updated last year
cbwang505 / windbg-uefi
View on GitHub
这篇文章的目的是介绍一款实验性项目基于COM命名管道或者Windows Hyper-V虚拟机Vmbus通道实现的运行在uefi上的windbg调试引擎开发心得
☆44Jun 16, 2024Updated last year
CognisysGroup / HadesLdr
View on GitHub
Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2
☆293Jul 15, 2023Updated 2 years ago
naksyn / Embedder
View on GitHub
Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies
☆122May 29, 2024Updated last year
outflanknl / macho-loader
View on GitHub
Position-independent Reflective Loader for macOS
☆118Feb 19, 2026Updated last week
S3cur3Th1sSh1t / nim-strenc
View on GitHub
string encryption in Nim
☆20Jun 15, 2024Updated last year
0xcf80 / ShellCodeLoader_Indirect_Syscalls
View on GitHub
Shellcode Loader using indirect syscalls
☆16Jan 21, 2024Updated 2 years ago
0xtengu / Cloak64
View on GitHub
☆49Dec 21, 2025Updated 2 months ago
riesha / drv-vuln-scanner
View on GitHub
Finds imports that could be exploited, still requires manual analysis.
☆29Nov 9, 2022Updated 3 years ago
Teach2Breach / rpeloader
View on GitHub
use python on windows with full submodule support without installation
☆30Jan 23, 2025Updated last year
senzee1984 / MutationGate
View on GitHub
Use hardware breakpoint to dynamically change SSN in run-time
☆279Apr 10, 2024Updated last year
naksyn / DojoLoader
View on GitHub
Generic PE loader for fast prototyping evasion techniques
☆244Jul 2, 2024Updated last year
lap1nou / CLR_Heap_encryption
View on GitHub
☆101Oct 7, 2023Updated 2 years ago
susMdT / clr-thing
View on GitHub
rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.
☆17Jan 6, 2024Updated 2 years ago
ZwCreateFile / RWXAbusing
View on GitHub
RWX Section Abusing
☆16Nov 19, 2023Updated 2 years ago
EvanMcBroom / sleepy
View on GitHub
A lexer and parser for Sleep
☆20Feb 20, 2026Updated last week
Flawww / NtSyscaller
View on GitHub
Manually perform syscalls without going through any external API or DLL.
☆19Apr 19, 2023Updated 2 years ago
nbaertsch / nimvoke
View on GitHub
Indirect syscalls + DInvoke made simple.
☆96Dec 24, 2024Updated last year
Slowerzs / CryptDecryptMemory
View on GitHub
☆31Dec 5, 2024Updated last year