Alternatives and similar repositories for Group3r:

Users that are interested in Group3r are comparing it to the libraries listed below

• jfjallid / go-lsass
  Tool to aid in dumping LSASS process remotely
  ☆38Updated 7 months ago
• jsecurity101 / LDAPMon
  ☆45Updated last year
• An00bRektn / gopher47
  A third-party Gopher Assassin for the Havoc Framework.
  ☆44Updated last year
• netero1010 / Quser-BOF
  Cobalt Strike BOF for quser.exe implementation using Windows API
  ☆83Updated last year
• Octoberfest7 / Cohab_Processes
  A small Aggressor script to help Red Teams identify foreign processes on a host machine
  ☆83Updated 2 years ago
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆86Updated 2 years ago
• X-C3LL / SharpNTLMRawUnHide
  C# version of NTLMRawUnHide
  ☆72Updated 2 years ago
• ADPunisher / OwnershipStealer
  ☆27Updated last year
• pracsec / AmsiScanner
  A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.
  ☆58Updated last year
• decoder-it / Troopers24
  ☆41Updated 7 months ago
• VirtualAlllocEx / DSC_SVC_REMOTE
  This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…
  ☆51Updated last year
• Wh04m1001 / PICDumper
  ☆24Updated 2 years ago
• netbiosX / GhostLoader
  GhostLoader - AppDomainManager - Injection - 攻壳机动队
  ☆52Updated 4 years ago
• ZephrFish / HelloJackHunter
  Research into WinSxS binaries and finding hijackable paths
  ☆26Updated 9 months ago
• CodeXTF2 / PyHmmm
  Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …
  ☆79Updated last year
• MaorSabag / Paruns-Fart
  Just another ntdll unhooking using Parun's Fart technique
  ☆73Updated 2 years ago
• klezVirus / SharpLdapRelayScan
  C# Port of LdapRelayScan
  ☆79Updated 3 years ago
• T4TCH3R / RedditC2
  Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic lo…
  ☆25Updated 2 years ago
• RixedLabs / IDLE-Abuse
  A method to execute shellcode using RegisterWaitForInputIdle API.
  ☆52Updated last year
• Wh04m1001 / DiagTrackEoP
  ☆88Updated 2 years ago
• JonasBK / Powershell
  ☆33Updated 3 weeks ago
• leftp / SpoolSamplerNET
  Implementation of SpoolSample without rDLL
  ☆28Updated 4 years ago
• zimawhit3 / DynimicGhostWriting
  Windows x64 Process Injection via Ghostwriting with Dynamic Configuration
  ☆28Updated 3 years ago
• topotam / SharpWeb
  .NET 2.0 CLR project to retrieve saved browser credentials from Google Chrome, Mozilla Firefox and Microsoft Internet Explorer/Edge.
  ☆21Updated 6 years ago
• eladshamir / BadWindowsService
  An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities
  ☆56Updated 2 years ago
• 0xbad53c / OffSecOps-Arsenal
  Aggressor script to automatically download and load an arsenal of open source and private Cobalt Strike tooling.
  ☆24Updated 6 months ago
• Synzack / Excel-4.0-Shellcode-Generator
  ☆12Updated 4 years ago
• latortuga71 / SharpChisel-NG
  ☆35Updated last year
• KingOfTheNOPs / EnableWebDAVClient-BOF
  Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts
  ☆18Updated last year
• deepinstinct / AMSI-Unchained
  Unchain AMSI by patching the provider’s unmonitored memory space
  ☆88Updated 2 years ago