Alternatives and similar repositories for DbgNexum

Users that are interested in DbgNexum are comparing it to the libraries listed below

• pard0p / Remote-BOF-Runner

  View on GitHub
  Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …
  ☆88Jan 2, 2026Updated last month
• NtDallas / Huginn

  View on GitHub
  ☆57Updated this week
• garrettfoster13 / CVE-2025-59501

  View on GitHub
  CVE-2025-59501 POC code
  ☆25Nov 20, 2025Updated 2 months ago
• loland / inlineExecute

  View on GitHub
  Cobalt Strike BOF
  ☆42Dec 10, 2025Updated 2 months ago
• 0xTriboulet / rssh-rs

  View on GitHub
  ☆55May 31, 2025Updated 8 months ago
• ColeHouston / theHandler-BOF

  View on GitHub
  Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.
  ☆38Aug 5, 2025Updated 6 months ago
• 0xJs / EnumEDRs

  View on GitHub
  Enumerate active EDR's on the system
  ☆150Sep 23, 2025Updated 4 months ago
• a7t0fwa7 / DllDragon

  View on GitHub
  A simple to use single-include Windows API resolver
  ☆23Jul 9, 2024Updated last year
• Nomad0x7 / sekken-enum

  View on GitHub
  adws enumeration bof
  ☆162Oct 2, 2025Updated 4 months ago
• TwoSevenOneT / EDRStartupHinder

  View on GitHub
  EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.
  ☆183Jan 11, 2026Updated last month
• ofasgard / execute-assembly-pico

  View on GitHub
  A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.
  ☆128Jan 28, 2026Updated 2 weeks ago
• WKL-Sec / slack-udc2

  View on GitHub
  Cobalt Strike UDC2 implementation that provides an Slack C2 channel
  ☆60Jan 5, 2026Updated last month
• breakfix / SharpSCOM

  View on GitHub
  A C# utility for interacting with SCOM
  ☆95Dec 2, 2025Updated 2 months ago
• RedSiege / What-The-F

  View on GitHub
  This repo hosts a poc of how to execute F# code within an unmanaged process
  ☆70Jun 25, 2024Updated last year
• garrettfoster13 / mssqlkaren

  View on GitHub
  modified mssqlclient from impacket to extract policies from the SCCM database
  ☆42Nov 4, 2025Updated 3 months ago
• CultCornholio / RedTeamTP

  View on GitHub
  ☆85May 15, 2025Updated 9 months ago
• logangoins / Stifle

  View on GitHub
  .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS
  ☆150Feb 10, 2025Updated last year
• AlmondOffSec / LibTPLoadLib

  View on GitHub
  Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra…
  ☆73Nov 6, 2025Updated 3 months ago
• p0dalirius / ShareHound

  View on GitHub
  A python tool to map the access rights of network shares into a BloodHound OpenGraphs easily
  ☆260Feb 5, 2026Updated last week
• Orange-Cyberdefense / moxpack

  View on GitHub
  A Qemu Proxmox Template builder project using Packer
  ☆71Dec 5, 2025Updated 2 months ago
• NtDallas / BOF_Spawn

  View on GitHub
  Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames
  ☆150Nov 23, 2025Updated 2 months ago
• mubix / Find-WSUS

  View on GitHub
  Helps defenders find their WSUS configurations in the wake of CVE-2025-59287
  ☆46Oct 28, 2025Updated 3 months ago
• PhantomSecurityGroup / Intro-to-EDR-Evasion

  View on GitHub
  CyberShield 2025 Intro to EDR Evasion Class
  ☆17Jun 3, 2025Updated 8 months ago
• MaangoTaachyon / SelfDeletion-Updated

  View on GitHub
  Updated version of a long known self deletion technique to work with 24H2.
  ☆61Jun 9, 2025Updated 8 months ago
• rvrsh3ll / Bolthole

  View on GitHub
  Dig your way out of networks like a Meerkat using SSH tunnels via ClickOnce.
  ☆264May 2, 2025Updated 9 months ago
• Teach2Breach / stargate

  View on GitHub
  Locate dlls and function addresses without PEB Walk and EAT parsing
  ☆104Nov 7, 2025Updated 3 months ago
• decoder-it / KrbRelayEx-RPC

  View on GitHub
  ☆198Mar 28, 2025Updated 10 months ago
• CCob / DRSAT

  View on GitHub
  Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…
  ☆273Dec 27, 2024Updated last year
• garrettfoster13 / ldap_bofs

  View on GitHub
  Random BOFs for LDAP tradecraft
  ☆72Sep 9, 2025Updated 5 months ago
• p4p1 / havoc-reporter

  View on GitHub
  A havoc UI python module to help in reporting and vulnerabilities to exploit on an internal network.
  ☆14Oct 31, 2023Updated 2 years ago
• warpedatom / OffsetInspect

  View on GitHub
  PowerShell-based utility for mapping byte offsets to source code using hex and ASCII context for detection research and red team tooling.
  ☆31Dec 31, 2025Updated last month
• zer0condition / mhydeath

  View on GitHub
  Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.
  ☆407Aug 22, 2023Updated 2 years ago
• 0xsch1zo / NullGate

  View on GitHub
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆166Jul 30, 2025Updated 6 months ago
• icyguider / UAC-BOF-Bonanza

  View on GitHub
  Collection of UAC Bypass Techniques Weaponized as BOFs
  ☆603Feb 21, 2024Updated last year
• scrt / PowerChell

  View on GitHub
  A PowerShell console in C/C++ with all the security features disabled
  ☆342Oct 14, 2025Updated 4 months ago
• werdhaihai / SharpAltShellCodeExec

  View on GitHub
  Alternative Shellcode Execution Via Callbacks in C# with P/Invoke
  ☆85Feb 26, 2023Updated 2 years ago
• Tw1sm / SQL-BOF

  View on GitHub
  Library of BOFs to interact with SQL servers
  ☆222Dec 3, 2025Updated 2 months ago
• dis0rder0x00 / stillepost

  View on GitHub
  Using Chromium-based browsers as a proxy for C2 traffic.
  ☆141Dec 6, 2025Updated 2 months ago
• 1r0BIT / TaskHound

  View on GitHub
  Tool to enumerate privileged Scheduled Tasks on Remote Systems
  ☆277Jan 12, 2026Updated last month