Alternatives and similar repositories for c2

Users that are interested in c2 are comparing it to the libraries listed below

• Cn33liz / EasySystem
  Quick and dirty System (Power)Shell using NamedPipe impersonation.
  ☆43Updated 8 years ago
• cheetz / spearphishing
  ☆14Updated 7 years ago
• Charliedean / PsexecSpray
  Spray SMB with hashes, Then psexec
  ☆32Updated 5 years ago
• stufus / parse-mimikatz-log
  A relatively flexible tool to parse mimikatz output
  ☆35Updated 8 years ago
• p3nt4 / PSUnlock
  ☆19Updated 8 years ago
• vletoux / ms17-010-Scanner
  ☆58Updated 7 years ago
• v-egoshin / WindowsUploadToolkit
  PHDAYS |||
  ☆17Updated 12 years ago
• Cn33liz / SmashedPotato
  ☆83Updated 9 years ago
• killswitch-GUI / Persistence-Survivability
  Powershell Persistence Locator
  ☆66Updated 8 years ago
• rivet1337 / CS-KickassBot
  A sample bot for Cobalt Strike 3
  ☆22Updated 8 years ago
• V1V1 / Sleight
  Empire HTTP(S) C2 redirector setup script
  ☆47Updated 6 years ago
• DiabloHorn / undetected-meterpreter-stagers
  Custom stagers with python encrypting proxy
  ☆39Updated 10 years ago
• PivotAll / PivotAll
  Comprehensive Pivoting Framework
  ☆20Updated 8 years ago
• khr0x40sh / metasploit-modules
  ☆34Updated 8 years ago
• homjxi0e / PowerAvails
  PowerAvails is a unit of collection of Powershell modules that help you get done many things
  ☆119Updated 6 years ago
• FXWarChest / McAfeeSiteList
  This tool will extract useful information from the McAfee update SiteList file and decrypt the associated password for each entry.
  ☆26Updated 7 years ago
• enigma0x3 / Powershell-C2
  ☆52Updated 11 years ago
• tahmed11 / strutsy
  Strutsy - Mass exploitation of Apache Struts (CVE-2017-5638) vulnerability
  ☆10Updated 6 years ago
• 001SPARTaN / csfm
  Cobalt Strike Field Manual - A quick reference for Windows commands that can be accessed in a beacon console.
  ☆65Updated 7 years ago
• incredibleindishell / LDAP-credentials-collector-backdoor-generator
  This script generate backdoor code which log username password of an user who have passed HTTP basic auth using LDAP credentials.
  ☆58Updated 8 years ago
• Cn33liz / VBSMeter
  VBS Reversed TCP Meterpreter Stager
  ☆87Updated 8 years ago
• skelsec / PyKerberoast
  Implementing Kerberoast attack fully in python
  ☆72Updated 6 years ago
• SherifEldeeb / inmet
  A multi-purpose meterpreter executable (inline, many transports, msfpayload)
  ☆79Updated 7 years ago
• secabstraction / Create-WMIshell
  ☆53Updated 10 years ago
• HarmJ0y / cortana
  This is a pack of Cortana scripts commonly used on our pentests.
  ☆69Updated 10 years ago
• jrmdev / smbwrapper
  Wrappers around smbclient and winexe with PTH support
  ☆33Updated 9 years ago
• blark / PowerLessShell
  Run PowerShell command without invoking powershell.exe
  ☆12Updated 7 years ago
• trustedsec / auto_SettingContent-ms
  This is a quick POC for using the Matt Nelson (enigma0x3) technique for generating a malicious .SettingContent-ms extension type for remo…
  ☆52Updated 6 years ago
• NetSPI / asa_tools
  Verification tools for CVE-2016-1287
  ☆33Updated 8 years ago
• Intrinsec / comission
  WhiteBox CMS analysis
  ☆69Updated 2 years ago