Alternatives and similar repositories for Red-Team-Advent-of-Code

Users that are interested in Red-Team-Advent-of-Code are comparing it to the libraries listed below

• EspressoCake / Needle_Sift_BOF

  View on GitHub
  Strstr with user-supplied needle and filename as a BOF.
  ☆32Sep 27, 2021Updated 4 years ago
• EspressoCake / NativeFunctionStaticMap

  View on GitHub
  A *very* imperfect attempt to correlate Kernel32 function calls to native API (Nt/Zw) counterparts/execution flow.
  ☆28Dec 16, 2021Updated 4 years ago
• EspressoCake / DLL-Exports-Extraction-BOF

  View on GitHub
  DLL Exports Extraction BOF with optional NTFS transactions.
  ☆90Nov 5, 2021Updated 4 years ago
• frkngksl / Celeborn

  View on GitHub
  Userland API Unhooker Project
  ☆111Jun 14, 2021Updated 4 years ago
• zimnyaa / beepsyscall

  View on GitHub
  An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep.
  ☆16Nov 1, 2023Updated 2 years ago
• crypt0p3g / bof-collection

  View on GitHub
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆186Dec 5, 2022Updated 3 years ago
• audibleblink / xordump

  View on GitHub
  ☆18Aug 15, 2021Updated 4 years ago
• optiv / Registry-Recon

  View on GitHub
  Cobalt Strike Aggressor Script that Performs System/AV/EDR Recon
  ☆342Jun 6, 2022Updated 3 years ago
• Sh0ckFR / InlineWhispers2

  View on GitHub
  Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2
  ☆187Jul 21, 2022Updated 3 years ago
• Henkru / cs-token-vault

  View on GitHub
  In-memory token vault BOF for Cobalt Strike
  ☆149Aug 18, 2022Updated 3 years ago
• FortyNorthSecurity / Presentations

  View on GitHub
  Any presentation we've given at FortyNorth Security
  ☆34Sep 27, 2021Updated 4 years ago
• yoda66 / MalwareDevTalk

  View on GitHub
  ☆48Mar 19, 2020Updated 5 years ago
• RedSiege / FunctionalC2

  View on GitHub
  A small POC of using Azure Functions to relay communications. Feel free to add additional functionality beyond this POC!
  ☆80Mar 30, 2023Updated 2 years ago
• ricardojba / Invoke-noPac

  View on GitHub
  .Net Assembly loader for the [CVE-2021-42287 - CVE-2021-42278] Scanner & Exploit noPac
  ☆61Feb 16, 2023Updated 2 years ago
• Cobalt-Strike / beacon_health_check

  View on GitHub
  This aggressor script uses a beacon's note field to indicate the health status of a beacon.
  ☆141Sep 29, 2021Updated 4 years ago
• fozavci / TradecraftDevelopment-Fundamentals

  View on GitHub
  Tradecraft Development Fundamentals
  ☆40Aug 6, 2021Updated 4 years ago
• jfmaes / CSharpReflectionWorkshop

  View on GitHub
  The repository that complements the From zero to hero: creating a reflective loader in C# workshop
  ☆39Oct 6, 2021Updated 4 years ago
• LethalSnake1337 / PE-Loader-exercise

  View on GitHub
  A simple PE loader.
  ☆27Dec 9, 2022Updated 3 years ago
• wsummerhill / IPv4Fuscation-Encrypted

  View on GitHub
  ☆20Mar 21, 2024Updated last year
• SolomonSklash / SleepyCrypt

  View on GitHub
  A shellcode function to encrypt a running process image when sleeping.
  ☆340Sep 11, 2021Updated 4 years ago
• EspressoCake / DLL-Hijack-Search-Order-BOF

  View on GitHub
  DLL Hijack Search Order Enumeration BOF
  ☆149Nov 3, 2021Updated 4 years ago
• EspressoCake / Toggle_Token_Privileges_BOF

  View on GitHub
  Syscall BOF to arbitrarily add/detract process token privilege rights.
  ☆61Jul 10, 2024Updated last year
• EspressoCake / Firewall_Walker_BOF

  View on GitHub
  A BOF to interact with COM objects associated with the Windows software firewall.
  ☆109Oct 10, 2021Updated 4 years ago
• mitchmoser / SharpShares

  View on GitHub
  Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain
  ☆372Sep 20, 2025Updated 4 months ago
• jsecu / BOF-pack-1

  View on GitHub
  A care package of useful bofs for red team engagments
  ☆55Dec 6, 2024Updated last year
• tbhaxor / WinAPI-RedBlue

  View on GitHub
  Source code of exploiting windows API for red teaming series
  ☆150Sep 25, 2022Updated 3 years ago
• KINGSABRI / goCabrito

  View on GitHub
  Super organized and flexible script for sending phishing campaigns
  ☆56Nov 28, 2021Updated 4 years ago
• memN0ps / venom-rs

  View on GitHub
  Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)
  ☆360Mar 2, 2024Updated last year
• chr0n1k / AH2021Workshop

  View on GitHub
  Malware development for red teaming workshop
  ☆225Nov 15, 2021Updated 4 years ago
• HuskyHacks / RustyTokenManipulation

  View on GitHub
  just manipulatin these here tokens yes sir nothing weird
  ☆22Apr 18, 2022Updated 3 years ago
• ashirt-ops / ashirt-deployments

  View on GitHub
  Deployment code for ashirt-server
  ☆20Oct 15, 2025Updated 4 months ago
• oldboy21 / SMBSR

  View on GitHub
  Lookup for interesting stuff in SMB shares
  ☆150Jun 16, 2023Updated 2 years ago
• EspressoCake / BeaconDownloadSync

  View on GitHub
  ☆94May 14, 2022Updated 3 years ago
• apokryptein / secinject

  View on GitHub
  Section Mapping Process Injection (secinject): Cobalt Strike BOF
  ☆102Jan 7, 2022Updated 4 years ago
• MrTuxx / aad-sso-enum-brute-spray

  View on GitHub
  Proof of Concept in Go from Secureworks' research on Azure Active Directory Brute-Force Attacks. Inspired by @treebuilder's POC on PowerS…
  ☆14Feb 23, 2022Updated 3 years ago
• Vyiel / RedTeamPets

  View on GitHub
  A collection of handy and specific tools for the Red Teamer
  ☆11Aug 13, 2024Updated last year
• Aetsu / SLib

  View on GitHub
  SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#
  ☆66Aug 29, 2023Updated 2 years ago
• am0nsec / SharpHellsGate

  View on GitHub
  C# Implementation of the Hell's Gate VX Technique
  ☆216Jun 30, 2020Updated 5 years ago
• FULLSHADE / Auto-Elevate

  View on GitHub
  Escalate from a low-integrity Administrator account to NT AUTHORITY\SYSTEM without an LPE exploit by combining a COM UAC bypass and Token…
  ☆162Dec 19, 2021Updated 4 years ago