Alternatives and similar repositories for TriageMCP

Users that are interested in TriageMCP are comparing it to the libraries listed below

• reecdeep / hollowise
  Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …
  ☆36Updated 3 months ago
• DISREL / Conti-Leaked-Playbook-TTPs
  MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
  ☆38Updated 3 years ago
• 0xv1n / Havoc-ProfileGenerator
  malleable profile generator GUI for Havoc
  ☆55Updated 2 years ago
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆103Updated 2 months ago
• ChaitanyaHaritash / IllusiveFog
  Windows Administrator level Implant.
  ☆49Updated 8 months ago
• RWXstoned / GimmeShelter
  Situational Awareness script to identify how and where to run implants
  ☆49Updated 5 months ago
• BlackSnufkin / CheckPlz
  Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.
  ☆17Updated 5 months ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆53Updated 4 months ago
• dmcxblue / Claude-C2
  Utilizng an MCP Server to communicate with your C2
  ☆64Updated 2 weeks ago
• outflanknl / Training-MSOfficeOffensiveTradecraft
  Info related to the Outflank training: Microsoft Office Offensive Tradecraft
  ☆52Updated last year
• EvilBytecode / Lifetime-AmsiBypass
  Lifetime AMSI bypass.
  ☆35Updated last month
• jaredcatkinson / MalwareMorphology
  ☆80Updated 6 months ago
• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆79Updated 9 months ago
• Pascal-0x90 / sideloadr
  Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).
  ☆56Updated 2 years ago
• MazX0p / CobaltSentry
  ☆23Updated 3 months ago
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆38Updated 10 months ago
• VirtualSamuraii / flyphish
  Deploy a phishing infrastructure on the fly.
  ☆68Updated 5 months ago
• Bl4ckM1rror / PEAs
  ☆59Updated last year
• HulkOperator / AuthStager
  ☆55Updated 7 months ago
• itaymigdal / PowerDodder
  Persist like a Dodder
  ☆60Updated 2 weeks ago
• eric-conrad / c2-talk
  ☆37Updated last year
• sidaf / moonshine
  ☆69Updated last year
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆48Updated last year
• 0xEr3bus / ShadowForgeC2
  ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.
  ☆47Updated last year
• 0xB455 / ActiveSyncBruter
  ☆25Updated 2 months ago
• rtfmkiesel / loldrivers-client
  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
  ☆82Updated last year
• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆29Updated last year
• BC-SECURITY / ScriptBlock-Smuggling
  Example code samples from our ScriptBlock Smuggling Blog post
  ☆90Updated 11 months ago
• RedSiege / Chromatophore
  Utilities for obfuscating shellcode
  ☆68Updated 2 months ago
• OffsecDeer / TargetedTimeroast
  Tamper Active Directory user attributes to collect their hashes with MS-SNTP
  ☆36Updated 4 months ago