Alternatives and similar repositories for C2-framework

Users that are interested in C2-framework are comparing it to the libraries listed below

• 7h3w4lk3r / Kill-Floor
  AV/EDR killer using BYOVD technique
  ☆43Updated last year
• dinosn / citrix_cve-2023-4966
  Citrix CVE-2023-4966 from assetnote modified for parallel and file handling
  ☆11Updated 2 years ago
• jakabakos / CVE-2024-23692-RCE-in-Rejetto-HFS
  Unauthenticated RCE Flaw in Rejetto HTTP File Server (CVE-2024-23692)
  ☆16Updated last year
• tykawaii98 / CVE-2024-21338_PoC
  ☆41Updated last year
• Mazzy-Stars / lain_c2
  command control framework
  ☆29Updated 2 weeks ago
• ELMERIKH / TelecordC2
  Advanced Telegram x Discord C2, great for data Exfitration and Network evasion 🔷
  ☆86Updated 11 months ago
• 7h3w4lk3r / RexLdr
  Rex Shellcode Loader for AV/EDR evasion
  ☆35Updated last year
• gavz / ExplorerPersist
  Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when …
  ☆83Updated 3 years ago
• cocomelonc / hack-process-hacker2
  Proof of Concept example for abusing Process Hacker 2 (v2.39.124)
  ☆23Updated last year
• CyberSecurityUP / ProcessKiller-BYOVD
  BYOVD Technique Example using viragt64 driver
  ☆68Updated last year
• furax124 / Protect_Loader
  A fucking real shellcode loader with a GUI. Work-in-Progress.
  ☆81Updated 7 months ago
• florylsk / NtDump
  Indirect NT syscalls LSASS dumper.
  ☆46Updated 2 years ago
• CyberSecurityUP / CVE-2025-0401
  Privilege Escalation using Passwd - April Fools prank
  ☆36Updated 10 months ago
• mbadanoiu / CVE-2024-22274
  CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server
  ☆38Updated last year
• hunters-sec / CVE-2025-55188-7z-exploit
  7z exploit POC versions prior to 25.01
  ☆33Updated 5 months ago
• DarkSpaceSecurity / SSH-Stealer
  Smart keylogging capability to steal SSH Credentials including password & Private Key
  ☆151Updated 10 months ago
• iSee857 / CVE-2025-0108-PoC
  Palo Alto Networks PAN-OS 身份验证绕过漏洞批量检测脚本(CVE-2025-0108)
  ☆32Updated 10 months ago
• Maldev-Academy / CodeSearchDemo
  ☆41Updated last year
• qwqdanchun / RainbowSheep
  Change hash for a signed pe
  ☆17Updated 2 years ago
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆35Updated 2 years ago
• SaadAhla / Anti-Sandbox
  ☆48Updated 2 months ago
• PaddyCahil / windows-api-function-cheatsheets
  A reference of Windows API function calls, including functions for file operations, process management, memory management, thread managem…
  ☆119Updated 2 years ago
• Ethicalrat / Evasive-Loader
  Evasive loader to bypass static detection
  ☆59Updated 2 years ago
• brosck / Frosty
  「🧊」Ring 3 Rootkit for Windows 10
  ☆60Updated last year
• wolfcod / beacondbg
  Beacon Debugger
  ☆55Updated last year
• DeEpinGh0st / sRDI-nim
  A nim implementation of sRDI
  ☆20Updated 2 years ago
• 0xTriboulet / scepter-rs
  A hacky way of getting cross-arch/platform support in Cobalt Strike
  ☆37Updated 5 months ago
• Wh04m1001 / CVE-2023-36723
  ☆68Updated 2 years ago
• ProcessusT / SharpVenoma
  CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution
  ☆51Updated last year
• hdks-bug / hermit
  A command and control framework.
  ☆54Updated last year