Alternatives and similar repositories for conquest

Users that are interested in conquest are comparing it to the libraries listed below

• EvilBytecode / ExitPatcher

  View on GitHub
  Prevent in-process process termination by patching exit APIs
  ☆63Nov 9, 2025Updated 3 months ago
• M1ndo / WerDump

  View on GitHub
  A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass
  ☆165Sep 22, 2025Updated 4 months ago
• 0xthirteen / WMI_Proc_Dump

  View on GitHub
  Dump processes over WMI with MSFT_MTProcess
  ☆81Updated this week
• 0xflux / Vectored-Exception-Handling-Squared

  View on GitHub
  Vectored Exception Handling Squared
  ☆29Dec 27, 2025Updated last month
• art3x / ascan_sliver

  View on GitHub
  Tiny and fast port scanner (Sliver edition)
  ☆26Mar 7, 2025Updated 11 months ago
• KingOfTheNOPs / Get-NetNTLM

  View on GitHub
  Internal Monologue BOF
  ☆79Dec 28, 2024Updated last year
• kr0tt / EarlyExceptionHandling

  View on GitHub
  Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH
  ☆136Aug 31, 2025Updated 5 months ago
• pard0p / Remote-BOF-Runner

  View on GitHub
  Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …
  ☆88Jan 2, 2026Updated last month
• TwoSevenOneT / CreateProcessAsPPL

  View on GitHub
  This is the loader that supports running a program with Protected Process Light (PPL) protection functionality.
  ☆294Nov 1, 2025Updated 3 months ago
• 0xRedpoll / ludus_mythic_teamserver

  View on GitHub
  Ludus role for deploying a Mythic Teamserver onto Linux servers
  ☆23Mar 16, 2025Updated 10 months ago
• kozmer / silentpulse

  View on GitHub
  single-threaded event driven sleep obfuscation poc for linux
  ☆37Jun 14, 2025Updated 7 months ago
• klezVirus / RAIWhateverTrigger

  View on GitHub
  Local SYSTEM auth trigger for relaying - X
  ☆155Jul 23, 2025Updated 6 months ago
• Teach2Breach / early_cascade_inj_rs

  View on GitHub
  early cascade injection PoC based on Outflanks blog post, in rust
  ☆62Nov 8, 2024Updated last year
• silentwarble / Hannibal

  View on GitHub
  Mythic C2 Agent written in x64 PIC C
  ☆84Jan 29, 2025Updated last year
• sudonoodle / BOF-entra-authcode-flow

  View on GitHub
  Beacon Object File (BOF) to obtain Entra tokens via authcode flow.
  ☆122Jan 17, 2026Updated 3 weeks ago
• MaangoTaachyon / SelfDeletion-Updated

  View on GitHub
  Updated version of a long known self deletion technique to work with 24H2.
  ☆61Jun 9, 2025Updated 8 months ago
• TwoSevenOneT / WSASS

  View on GitHub
  This is the tool to dump the LSASS process on modern Windows 11
  ☆555Nov 1, 2025Updated 3 months ago
• connormcgarr / Vtl1Mon

  View on GitHub
  Virtual Trust Level (VTL 1) secure call tracing
  ☆95Aug 29, 2025Updated 5 months ago
• KriyosArcane / sliver-ligolo-ng

  View on GitHub
  An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface. Implementation of ligolo-ng into sliver
  ☆24Feb 27, 2025Updated 11 months ago
• bot984397 / eepy

  View on GitHub
  ☆38Apr 15, 2025Updated 9 months ago
• Mojo8898 / aliasr

  View on GitHub
  Aliasr is a modern, feature-rich TUI launcher for penetration testing commands inspired by Arsenal, but with significantly improved funct…
  ☆92Jan 26, 2026Updated 2 weeks ago
• dmcxblue / WSL-Payloads

  View on GitHub
  A small How-To on creating your own weaponized WSL file
  ☆119Jul 23, 2025Updated 6 months ago
• pruno7 / nEkko

  View on GitHub
  A nim port of C5pider's Ekko project.
  ☆17Oct 1, 2022Updated 3 years ago
• EvilWhales / nightshade

  View on GitHub
  ☆36Jul 1, 2025Updated 7 months ago
• WKL-Sec / slack-udc2

  View on GitHub
  Cobalt Strike UDC2 implementation that provides an Slack C2 channel
  ☆60Jan 5, 2026Updated last month
• CICADA8-Research / Spyndicapped

  View on GitHub
  COM ViewLogger — new malware keylogging technique
  ☆403Jan 6, 2025Updated last year
• Darkrain2009 / RedExt

  View on GitHub
  Chrome browser extension-based Command & Control
  ☆232Jul 2, 2025Updated 7 months ago
• safedv / RustPotato

  View on GitHub
  A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…
  ☆354Apr 26, 2025Updated 9 months ago
• praetorian-inc / google-redirector

  View on GitHub
  A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.
  ☆129Nov 12, 2025Updated 3 months ago
• Archie-osu / PowerHook

  View on GitHub
  Hooking KPRCB IdlePreselect function to gain execution inside PID 0.
  ☆73Apr 13, 2025Updated 10 months ago
• p0dalirius / FindUnusualSessions

  View on GitHub
  A tool to remotely detect unusual sessions opened on windows machines using RPC
  ☆118Jun 10, 2025Updated 8 months ago
• hasherezade / thread_namecalling

  View on GitHub
  Process Injection using Thread Name
  ☆297Apr 18, 2025Updated 9 months ago
• Friends-Security / ShadowHound

  View on GitHub
  PowerShell scripts for alternative SharpHound enumeration, including users, groups, computers, and certificates, using the ActiveDirector…
  ☆398Jan 14, 2026Updated 3 weeks ago
• Teach2Breach / pool_party_rs

  View on GitHub
  remote process injections using pool party techniques
  ☆70Jun 29, 2025Updated 7 months ago
• jojonas / SharpSAMDump

  View on GitHub
  SAM Dumping in C#
  ☆54Nov 27, 2025Updated 2 months ago
• SlimeOnSecurity / PrintSpoofer-BOF

  View on GitHub
  ☆50May 4, 2025Updated 9 months ago
• rad9800 / byor

  View on GitHub
  ☆163Jun 12, 2025Updated 8 months ago
• iilegacyyii / DataInject-BOF

  View on GitHub
  Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll
  ☆135Apr 18, 2025Updated 9 months ago
• Maldev-Academy / TrapFlagForSyscalling

  View on GitHub
  Bypass user-land hooks by syscall tampering via the Trap Flag
  ☆139Aug 25, 2025Updated 5 months ago