Alternatives and similar repositories for curlshell

Users that are interested in curlshell are comparing it to the libraries listed below

• kraken-ng / Kraken
  Kraken, a modular multi-language webshell coded by @secu_x11
  ☆548Updated last year
• RedTeamPentesting / resocks
  mTLS-Encrypted Back-Connect SOCKS5 Proxy
  ☆456Updated last year
• blacklanternsecurity / badsecrets
  A library for detecting known secrets across many web frameworks
  ☆680Updated this week
• carlospolop / CloudPEASS
  ☆529Updated 3 weeks ago
• Rolix44 / Kubestroyer
  Kubernetes exploitation tool
  ☆363Updated last year
• CravateRouge / autobloody
  Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound
  ☆594Updated 9 months ago
• D00Movenok / BounceBack
  ↕️🤫 Stealth redirector for your red team operation security
  ☆708Updated last month
• hoodoer / JS-Tap
  JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the target…
  ☆378Updated 3 months ago
• horizon3ai / CVE-2022-40684
  A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager
  ☆354Updated 2 years ago
• FalconOpsLLC / goexec
  Windows remote execution multitool
  ☆661Updated 2 weeks ago
• jm33-m0 / SSH-Harvester
  Harvest passwords automatically from OpenSSH server
  ☆375Updated 2 years ago
• grimlockx / ADCSKiller
  An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
  ☆728Updated 2 years ago
• aniqfakhrul / powerview.py
  Just another Powerview alternative but on steroids
  ☆774Updated this week
• wh0amitz / SharpADWS
  Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
  ☆574Updated last year
• Vozec / CVE-2023-7028
  This repository presents a proof-of-concept of CVE-2023-7028
  ☆240Updated last year
• Xre0uS / MultiDump
  MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
  ☆527Updated 4 months ago
• RedSiege / GraphStrike
  Cobalt Strike HTTPS beaconing over Microsoft Graph API
  ☆607Updated last year
• Aegrah / PANIX
  Customizable Linux Persistence Tool for Security Research and Detection Engineering.
  ☆744Updated 5 months ago
• testanull / ProxyNotShell-PoC
  ☆411Updated 2 years ago
• p0dalirius / ApacheTomcatScanner
  A python script to scan for Apache Tomcat server vulnerabilities.
  ☆848Updated 2 weeks ago
• Anof-cyber / PyCript
  Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty
  ☆209Updated 4 months ago
• MrSaighnal / GCR-Google-Calendar-RAT
  Google Calendar RAT is a PoC of Command&Control over Google Calendar Events
  ☆252Updated last week
• lexfo / sshimpanzee
  SSHD Based implant supporting tunneling mecanisms to reach the C2 (DNS, ICMP, HTTP Encapsulation, HTTP/Socks Proxies, UDP...)
  ☆272Updated 5 months ago
• hakaioffsec / IngressNightmare-PoC
  This is a PoC code to exploit the IngressNightmare vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974).
  ☆209Updated 5 months ago
• expl0itabl3 / Toolies
  Ad hoc collection of Red Teaming & Active Directory tooling.
  ☆213Updated 2 years ago
• SafeBreach-Labs / CVE-2024-49113
  LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113
  ☆500Updated 7 months ago
• ttpreport / ligolo-mp
  Multiplayer pivoting solution
  ☆413Updated 3 weeks ago
• p0dalirius / smbclient-ng
  smbclient-ng, a fast and user friendly way to interact with SMB shares.
  ☆947Updated 2 weeks ago
• EvilBytecode / GoRedOps
  🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific…
  ☆582Updated 3 months ago
• dhmosfunk / CVE-2023-25690-POC
  CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request …
  ☆285Updated last year