Alternatives and similar repositories for dragon:

Users that are interested in dragon are comparing it to the libraries listed below

• sourcefrenchy / cryptopayload
  module for certexfil
  ☆15Updated 2 years ago
• SecurityJosh / MuteSysmon
  A PowerShell script to prevent Sysmon from writing its events
  ☆15Updated 4 years ago
• bohops / IISAppPoolCreds
  Retrieve the IIS Application Pool Credentials. Relies on the WebAdministration PowerShell Module.
  ☆14Updated 7 years ago
• rvrsh3ll / SharpSSDP
  SSDP Service Discovery
  ☆16Updated 6 years ago
• codewhitesec / daphne
  Proof-of-Concept to evade auditd by tampering via ptrace
  ☆17Updated last year
• 001SPARTaN / SaltedCaramel
  Apfell implant written in C#.
  ☆8Updated 4 years ago
• rmdavy / AmsiPEBWalkVBAx64
  ☆15Updated 5 years ago
• markgamache / GPOwn
  Do the unexpected with AD GPO processing
  ☆9Updated 5 years ago
• waldo-irc / UPSInject
  Unamanged PS with Named Pipes
  ☆9Updated 4 years ago
• davehardy20 / PoSHBypass
  ☆25Updated 6 years ago
• egypt / fake-webdav
  ☆11Updated 4 years ago
• djhohnstein / CSharpCreateThreadExample
  C# code to run PIC using CreateThread
  ☆17Updated 6 years ago
• whiteHat001 / MIcrosoft-Word-Use-After-Free
  ☆15Updated 4 years ago
• NVISOsecurity / cobalt-strike-notifier
  ☆13Updated 3 years ago
• WithSecureLabs / AMSIDetection
  AMSI detection PoC
  ☆31Updated 5 years ago
• TarlogicSecurity / sepriv
  Tool to manage user privileges
  ☆28Updated 5 years ago
• trustedsec / inProc_Evade_Get-InjectedThread
  PoC code from blog
  ☆16Updated 5 years ago
• 3gstudent / SCTPersistence
  Create COM Objects backed by Scripts, not DLLs
  ☆9Updated 7 years ago
• rmdavy / VBAFunctionPointers
  ☆19Updated 4 years ago
• ChoiSG / sNanoDumpInject
  NanoDumpInject from https://s3cur3th1ssh1t.github.io/Reflective-Dump-Tools/ , minor edits with a few syscalls
  ☆11Updated 2 years ago
• samisecure / LsassDumpReflectiveDll
  Dump Lsass Memory Using a Reflective Dll
  ☆14Updated 3 years ago
• BorjaMerino / reflectPatcher
  Python script to patch the reflective stub in a DLL
  ☆24Updated 8 years ago
• xenoscr / compressedCredBandit
  A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.
  ☆18Updated 3 years ago
• nccgroup / UninstalledAppCanary
  A Canary which fires when uninstalled
  ☆34Updated 4 years ago
• py7hagoras / OfficeMacro64
  This is a 64 bit VBA implementation of Christophe Tafani-Dereeper's original VBA code described in his blog @ https://blog.christophetd.f…
  ☆20Updated 5 years ago
• johneiser / MalleableC2Parser
  A library to parse, modify, and implement Malleable C2 profiles
  ☆21Updated 6 years ago
• bhassani / doublepulsar
  DoublePulsar (Position-Independent) Shellcode (Windows 7 SP1 x64)
  ☆27Updated 5 years ago
• sevagas / weaponize_process_injection_windows_SIGSEGv2_2019
  Files related to my presentation at SigSegV2 conference in 2019. You can find related papers on my blog
  ☆13Updated 5 years ago
• tevora-threat / c2_reporter
  Ingests logs/dbs from cobalt and empire and outputs an excel report with activity, sessions, and credentials
  ☆20Updated 4 years ago
• tyranid / setsidmapping
  Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings.
  ☆23Updated 4 years ago