Alternatives and similar repositories for curlshell

Users that are interested in curlshell are comparing it to the libraries listed below

• blacklanternsecurity / badsecrets
  A library for detecting known secrets across many web frameworks
  ☆707Updated this week
• carlospolop / CloudPEASS
  ☆558Updated last month
• hoodoer / JS-Tap
  JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the target…
  ☆390Updated 4 months ago
• kraken-ng / Kraken
  Kraken, a modular multi-language webshell coded by @secu_x11
  ☆548Updated last year
• D00Movenok / BounceBack
  ↕️🤫 Stealth redirector for your red team operation security
  ☆714Updated 3 months ago
• Rolix44 / Kubestroyer
  Kubernetes exploitation tool
  ☆363Updated last year
• RedTeamPentesting / resocks
  mTLS-Encrypted Back-Connect SOCKS5 Proxy
  ☆462Updated 2 years ago
• Vozec / CVE-2023-7028
  This repository presents a proof-of-concept of CVE-2023-7028
  ☆240Updated last year
• doyensec / Session-Hijacking-Visual-Exploitation
  Session Hijacking Visual Exploitation
  ☆207Updated last year
• CravateRouge / autobloody
  Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound
  ☆609Updated 10 months ago
• Anof-cyber / PyCript
  Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty
  ☆211Updated last week
• rootcathacking / catspin
  Catspin rotates the IP address of HTTP requests making IP based blocks or slowdown measures ineffective. It is based on AWS API Gateway a…
  ☆264Updated last year
• horizon3ai / CVE-2022-40684
  A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager
  ☆354Updated 2 years ago
• EvilBytecode / GoRedOps
  🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific…
  ☆598Updated 5 months ago
• lexfo / sshimpanzee
  SSHD Based implant supporting tunneling mecanisms to reach the C2 (DNS, ICMP, HTTP Encapsulation, HTTP/Socks Proxies, UDP...)
  ☆277Updated 7 months ago
• hakaioffsec / IngressNightmare-PoC
  This is a PoC code to exploit the IngressNightmare vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974).
  ☆211Updated 6 months ago
• Xre0uS / MultiDump
  MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
  ☆527Updated 5 months ago
• carlospolop / bf-aws-permissions
  ☆90Updated 2 months ago
• ttpreport / ligolo-mp
  Multiplayer pivoting solution
  ☆438Updated 2 months ago
• jm33-m0 / SSH-Harvester
  Harvest passwords automatically from OpenSSH server
  ☆375Updated 2 years ago
• dhmosfunk / CVE-2023-25690-POC
  CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request …
  ☆285Updated last year
• MrSaighnal / GCR-Google-Calendar-RAT
  Google Calendar RAT is a PoC of Command&Control over Google Calendar Events
  ☆254Updated last month
• RedSiege / GraphStrike
  Cobalt Strike HTTPS beaconing over Microsoft Graph API
  ☆608Updated last year
• aniqfakhrul / powerview.py
  Just another Powerview alternative but on steroids
  ☆784Updated 3 weeks ago
• wh0amitz / SharpADWS
  Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
  ☆576Updated last year
• SafeBreach-Labs / CVE-2024-49113
  LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113
  ☆501Updated 9 months ago
• waf-bypass-maker / waf-community-bypasses
  ☆539Updated last year
• Hackmanit / TInjA
  TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines fo…
  ☆376Updated 4 months ago
• FalconOpsLLC / goexec
  Windows remote execution multitool
  ☆698Updated this week
• Teach2Breach / Tempest
  A command and control framework written in rust.
  ☆370Updated last month