Alternatives and similar repositories for NimExec

Users that are interested in NimExec are comparing it to the libraries listed below

• x42en / sysplant

  View on GitHub
  Your syscall factory
  ☆126Jan 13, 2026Updated last month
• netero1010 / GhostTask

  View on GitHub
  A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
  ☆609Jan 2, 2025Updated last year
• wh0amitz / S4UTomato

  View on GitHub
  Escalate Service Account To LocalSystem via Kerberos
  ☆402Sep 14, 2023Updated 2 years ago
• grimlockx / ADCSKiller

  View on GitHub
  An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
  ☆738May 19, 2023Updated 2 years ago
• Octoberfest7 / Inline-Execute-PE

  View on GitHub
  Execute unmanaged Windows executables in CobaltStrike Beacons
  ☆714Mar 4, 2023Updated 2 years ago
• Dec0ne / DavRelayUp

  View on GitHub
  DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …
  ☆565Jun 5, 2023Updated 2 years ago
• Helixo32 / NimBlackout

  View on GitHub
  Kill AV/EDR leveraging BYOVD attack
  ☆390Jul 11, 2023Updated 2 years ago
• zblurx / certsync

  View on GitHub
  Dump NTDS with golden certificates and UnPAC the hash
  ☆646Mar 20, 2024Updated last year
• YOLOP0wn / POSTDump

  View on GitHub
  ☆341Nov 10, 2025Updated 3 months ago
• WKL-Sec / HiddenDesktop

  View on GitHub
  HVNC for Cobalt Strike
  ☆1,297Dec 7, 2023Updated 2 years ago
• trustedsec / CS_COFFLoader

  View on GitHub
  ☆131Dec 4, 2023Updated 2 years ago
• chvancooten / NimPlant

  View on GitHub
  A light-weight first-stage C2 implant written in Nim (and Rust).
  ☆933Mar 28, 2025Updated 10 months ago
• XiaoliChan / wmiexec-Pro

  View on GitHub
  New generation of wmiexec.py
  ☆1,255Jan 5, 2026Updated last month
• frkngksl / NiCOFF

  View on GitHub
  COFF and BOF Loader written in Nim
  ☆176Aug 1, 2022Updated 3 years ago
• Dec0ne / ShadowSpray

  View on GitHub
  A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…
  ☆482Oct 14, 2022Updated 3 years ago
• mertdas / PrivKit

  View on GitHub
  PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.
  ☆563Jan 20, 2026Updated 3 weeks ago
• Octoberfest7 / DropSpawn_BOF

  View on GitHub
  CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
  ☆285Jun 8, 2023Updated 2 years ago
• lem0nSec / ShellGhost

  View on GitHub
  A memory-based evasion technique which makes shellcode invisible from process start to end.
  ☆1,199Oct 16, 2023Updated 2 years ago
• mdsecactivebreach / DragonCastle

  View on GitHub
  A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.
  ☆301Oct 26, 2022Updated 3 years ago
• REDMED-X / OperatorsKit

  View on GitHub
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆671Aug 15, 2025Updated 5 months ago
• S3cur3Th1sSh1t / Ruy-Lopez

  View on GitHub
  ☆319Jun 28, 2023Updated 2 years ago
• foxlox / GIUDA

  View on GitHub
  Ask a TGS on behalf of another user without password
  ☆481Mar 30, 2025Updated 10 months ago
• optiv / Freeze.rs

  View on GitHub
  Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST
  ☆722Aug 18, 2023Updated 2 years ago
• trustedsec / CS-Remote-OPs-BOF

  View on GitHub
  ☆1,117Jan 6, 2026Updated last month
• jfjallid / go-secdump

  View on GitHub
  Tool to remotely dump secrets from the Windows registry
  ☆522Nov 18, 2025Updated 2 months ago
• wavvs / nanorobeus

  View on GitHub
  COFF file (BOF) for managing Kerberos tickets.
  ☆321Jul 2, 2023Updated 2 years ago
• WKL-Sec / WMIExec

  View on GitHub
  Set of python scripts which perform different ways of command execution via WMI protocol.
  ☆165Jun 29, 2023Updated 2 years ago
• SaadAhla / TakeMyRDP

  View on GitHub
  A keystroke logger targeting the Remote Desktop Protocol (RDP) related processes, It utilizes a low-level keyboard input hook, allowing i…
  ☆398Aug 2, 2023Updated 2 years ago
• wh0amitz / KRBUACBypass

  View on GitHub
  UAC Bypass By Abusing Kerberos Tickets
  ☆508Aug 10, 2023Updated 2 years ago
• wh0amitz / SharpADWS

  View on GitHub
  Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
  ☆585Mar 19, 2024Updated last year
• naksyn / Pyramid

  View on GitHub
  a tool to help operate in EDRs' blind spots
  ☆769Dec 2, 2024Updated last year
• icyguider / UAC-BOF-Bonanza

  View on GitHub
  Collection of UAC Bypass Techniques Weaponized as BOFs
  ☆603Feb 21, 2024Updated last year
• S3cur3Th1sSh1t / Nim-RunPE

  View on GitHub
  A Nim implementation of reflective PE-Loading from memory
  ☆298Sep 5, 2024Updated last year
• Mayyhem / SharpSCCM

  View on GitHub
  A C# utility for interacting with SCCM
  ☆682Aug 20, 2025Updated 5 months ago
• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,004Jun 4, 2024Updated last year
• S3cur3Th1sSh1t / Caro-Kann

  View on GitHub
  Encrypted shellcode Injection to avoid Kernel triggered memory scans
  ☆407Sep 12, 2023Updated 2 years ago
• georgesotiriadis / Chimera

  View on GitHub
  Automated DLL Sideloading Tool With EDR Evasion Capabilities
  ☆502Dec 19, 2023Updated 2 years ago
• icyguider / Nimcrypt2

  View on GitHub
  .NET, PE, & Raw Shellcode Packer/Loader Written in Nim
  ☆813Jan 20, 2023Updated 3 years ago
• fortra / nanodump

  View on GitHub
  The swiss army knife of LSASS dumping
  ☆2,069Sep 17, 2024Updated last year