Alternatives and similar repositories for curlshell

Users that are interested in curlshell are comparing it to the libraries listed below

• peass-ng / CloudPEASS
  ☆598Updated last week
• kraken-ng / Kraken
  Kraken, a modular multi-language webshell coded by @secu_x11
  ☆550Updated last year
• D00Movenok / BounceBack
  ↕️🤫 Stealth redirector for your red team operation security
  ☆1,051Updated 6 months ago
• blacklanternsecurity / badsecrets
  A library for detecting known secrets across many web frameworks
  ☆759Updated this week
• Rolix44 / Kubestroyer
  Kubernetes exploitation tool
  ☆362Updated last year
• hoodoer / JS-Tap
  JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the target…
  ☆416Updated 8 months ago
• horizon3ai / CVE-2022-40684
  A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager
  ☆356Updated 3 years ago
• FalconOpsLLC / goexec
  Windows remote execution multitool
  ☆761Updated 3 months ago
• RedTeamPentesting / resocks
  mTLS-Encrypted Back-Connect SOCKS5 Proxy
  ☆474Updated 2 years ago
• CravateRouge / autobloody
  Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound
  ☆665Updated 2 months ago
• rootcathacking / catspin
  Catspin rotates the IP address of HTTP requests making IP based blocks or slowdown measures ineffective. It is based on AWS API Gateway a…
  ☆265Updated last year
• Xre0uS / MultiDump
  MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
  ☆535Updated 2 months ago
• Vozec / CVE-2023-7028
  This repository presents a proof-of-concept of CVE-2023-7028
  ☆242Updated 2 years ago
• ttpreport / ligolo-mp
  Multiplayer pivoting solution
  ☆479Updated 2 months ago
• wh0amitz / SharpADWS
  Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
  ☆583Updated last year
• doyensec / Session-Hijacking-Visual-Exploitation
  Session Hijacking Visual Exploitation
  ☆209Updated last year
• hakaioffsec / IngressNightmare-PoC
  This is a PoC code to exploit the IngressNightmare vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974).
  ☆245Updated 9 months ago
• aniqfakhrul / powerview.py
  Just another Powerview alternative but on steroids
  ☆855Updated last week
• ScorpionesLabs / MSSqlPwner
  ☆403Updated 10 months ago
• RedSiege / GraphStrike
  Cobalt Strike HTTPS beaconing over Microsoft Graph API
  ☆619Updated last year
• Enelg52 / OffensiveGo
  Golang weaponization for red teamers.
  ☆514Updated last year
• Hackmanit / TInjA
  TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines fo…
  ☆398Updated 3 weeks ago
• wietze / ArgFuscator.net
  ArgFuscator.net is an open-source, stand-alone web application that helps generate obfuscated command lines for common system-native exec…
  ☆388Updated 8 months ago
• SafeBreach-Labs / CVE-2024-49113
  LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113
  ☆510Updated last year
• tylerdotrar / SigmaPotato
  SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection s…
  ☆447Updated last year
• p0dalirius / smbclient-ng
  smbclient-ng, a fast and user friendly way to interact with SMB shares.
  ☆992Updated this week
• waf-bypass-maker / waf-community-bypasses
  ☆544Updated last year
• lexfo / sshimpanzee
  SSHD Based implant supporting tunneling mecanisms to reach the C2 (DNS, ICMP, HTTP Encapsulation, HTTP/Socks Proxies, UDP...)
  ☆281Updated 10 months ago
• optiv / Freeze.rs
  Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST
  ☆723Updated 2 years ago
• jm33-m0 / SSH-Harvester
  Harvest passwords automatically from OpenSSH server
  ☆375Updated 2 years ago