Alternatives and similar repositories for curlshell

Users that are interested in curlshell are comparing it to the libraries listed below

• D00Movenok / BounceBack
  ↕️🤫 Stealth redirector for your red team operation security
  ☆713Updated 3 months ago
• blacklanternsecurity / badsecrets
  A library for detecting known secrets across many web frameworks
  ☆714Updated last week
• hoodoer / JS-Tap
  JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the target…
  ☆390Updated 5 months ago
• Rolix44 / Kubestroyer
  Kubernetes exploitation tool
  ☆363Updated last year
• kraken-ng / Kraken
  Kraken, a modular multi-language webshell coded by @secu_x11
  ☆548Updated last year
• carlospolop / CloudPEASS
  ☆573Updated last month
• RedTeamPentesting / resocks
  mTLS-Encrypted Back-Connect SOCKS5 Proxy
  ☆463Updated 2 years ago
• CravateRouge / autobloody
  Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound
  ☆614Updated this week
• Vozec / CVE-2023-7028
  This repository presents a proof-of-concept of CVE-2023-7028
  ☆240Updated last year
• hakaioffsec / IngressNightmare-PoC
  This is a PoC code to exploit the IngressNightmare vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974).
  ☆240Updated 7 months ago
• EvilBytecode / GoRedOps
  🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific…
  ☆596Updated 5 months ago
• doyensec / Session-Hijacking-Visual-Exploitation
  Session Hijacking Visual Exploitation
  ☆208Updated last year
• Anof-cyber / PyCript
  Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty
  ☆212Updated 3 weeks ago
• horizon3ai / CVE-2022-40684
  A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager
  ☆355Updated 3 years ago
• wh0amitz / SharpADWS
  Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
  ☆577Updated last year
• jm33-m0 / SSH-Harvester
  Harvest passwords automatically from OpenSSH server
  ☆376Updated 2 years ago
• p0dalirius / ApacheTomcatScanner
  A python script to scan for Apache Tomcat server vulnerabilities.
  ☆863Updated 3 weeks ago
• Xre0uS / MultiDump
  MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
  ☆527Updated 6 months ago
• lexfo / sshimpanzee
  SSHD Based implant supporting tunneling mecanisms to reach the C2 (DNS, ICMP, HTTP Encapsulation, HTTP/Socks Proxies, UDP...)
  ☆278Updated 7 months ago
• Orange-Cyberdefense / grepmarx
  A source code static analysis platform for AppSec enthusiasts.
  ☆262Updated 8 months ago
• grimlockx / ADCSKiller
  An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
  ☆730Updated 2 years ago
• ttpreport / ligolo-mp
  Multiplayer pivoting solution
  ☆450Updated 2 months ago
• rootcathacking / catspin
  Catspin rotates the IP address of HTTP requests making IP based blocks or slowdown measures ineffective. It is based on AWS API Gateway a…
  ☆264Updated last year
• FalconOpsLLC / goexec
  Windows remote execution multitool
  ☆717Updated 3 weeks ago
• Brum3ns / firefly
  Black box fuzzer for web applications
  ☆433Updated 3 months ago
• waf-bypass-maker / waf-community-bypasses
  ☆540Updated last year
• dhmosfunk / CVE-2023-25690-POC
  CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request …
  ☆283Updated last year
• Moopinger / smugglefuzz
  A rapid HTTP downgrade smuggling scanner written in Go.
  ☆306Updated last year
• Enelg52 / OffensiveGo
  Golang weaponization for red teamers.
  ☆512Updated last year
• p0dalirius / smbclient-ng
  smbclient-ng, a fast and user friendly way to interact with SMB shares.
  ☆969Updated last month