Alternatives and similar repositories for curlshell

Users that are interested in curlshell are comparing it to the libraries listed below

• blacklanternsecurity / badsecrets
  A library for detecting known secrets across many web frameworks
  ☆656Updated this week
• hoodoer / JS-Tap
  JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the target…
  ☆375Updated 2 months ago
• carlospolop / CloudPEASS
  ☆512Updated last month
• D00Movenok / BounceBack
  ↕️🤫 Stealth redirector for your red team operation security
  ☆696Updated last week
• kraken-ng / Kraken
  Kraken, a modular multi-language webshell coded by @secu_x11
  ☆546Updated last year
• CravateRouge / autobloody
  Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound
  ☆585Updated 8 months ago
• RedTeamPentesting / resocks
  mTLS-Encrypted Back-Connect SOCKS5 Proxy
  ☆446Updated last year
• Rolix44 / Kubestroyer
  Kubernetes exploitation tool
  ☆362Updated 11 months ago
• Vozec / CVE-2023-7028
  This repository presents a proof-of-concept of CVE-2023-7028
  ☆240Updated last year
• doyensec / Session-Hijacking-Visual-Exploitation
  Session Hijacking Visual Exploitation
  ☆201Updated last year
• FalconOpsLLC / goexec
  Windows remote execution multitool
  ☆591Updated last month
• p0dalirius / ApacheTomcatScanner
  A python script to scan for Apache Tomcat server vulnerabilities.
  ☆843Updated 5 months ago
• Anof-cyber / PyCript
  Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty
  ☆207Updated 3 months ago
• aniqfakhrul / powerview.py
  Just another Powerview alternative but on steroids
  ☆740Updated this week
• p0dalirius / smbclient-ng
  smbclient-ng, a fast and user friendly way to interact with SMB shares.
  ☆936Updated 2 weeks ago
• grimlockx / ADCSKiller
  An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
  ☆721Updated 2 years ago
• dhmosfunk / CVE-2023-25690-POC
  CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request …
  ☆284Updated 10 months ago
• SafeBreach-Labs / CVE-2024-49113
  LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113
  ☆498Updated 6 months ago
• Aegrah / PANIX
  Customizable Linux Persistence Tool for Security Research and Detection Engineering.
  ☆673Updated 4 months ago
• wh0amitz / SharpADWS
  Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
  ☆563Updated last year
• horizon3ai / CVE-2022-40684
  A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager
  ☆354Updated 2 years ago
• jm33-m0 / SSH-Harvester
  Harvest passwords automatically from OpenSSH server
  ☆374Updated 2 years ago
• Xre0uS / MultiDump
  MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
  ☆525Updated 2 months ago
• MrSaighnal / GCR-Google-Calendar-RAT
  Google Calendar RAT is a PoC of Command&Control over Google Calendar Events
  ☆247Updated last month
• voidz0r / CVE-2022-44268
  A PoC for the CVE-2022-44268 - ImageMagick arbitrary file read
  ☆216Updated 3 months ago
• rootcathacking / catspin
  Catspin rotates the IP address of HTTP requests making IP based blocks or slowdown measures ineffective. It is based on AWS API Gateway a…
  ☆264Updated last year
• Slowerzs / ThievingFox
  ☆543Updated last year
• nxenon / grpc-pentest-suite
  gRPC-Web Pentesting Suite + Burp Suite Extension / Hack gRPC-Web Applications
  ☆225Updated 4 months ago
• hakaioffsec / IngressNightmare-PoC
  This is a PoC code to exploit the IngressNightmare vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974).
  ☆207Updated 3 months ago
• alt3kx / CVE-2023-24055_PoC
  CVE-2023-24055 PoC (KeePass 2.5x)
  ☆254Updated 2 years ago