Alternatives and similar repositories for shellcoderunner

Users that are interested in shellcoderunner are comparing it to the libraries listed below

• monsieurPale / BreakFAST
  Proof of concept for Kerberos Armoring abuse.
  ☆77Updated last month
• OleFredrik1 / remoteKrbRelayx
  A tool for coercing and relaying Kerberos authentication over DCOM and RPC.
  ☆146Updated 6 months ago
• gatariee / minrm
  a minimalistic winrm client written in python
  ☆25Updated 8 months ago
• jarnovandenbrink / getSPNless
  Python tool to automatically perform SPN-less RBCD attacks.
  ☆114Updated last month
• nullsection / chisel-ng
  Chisel new generation, written in rust. SSH under WSS with some customization.
  ☆124Updated 2 weeks ago
• 0xedh / dumpguard_bof
  Beacon Object File (BOF) port of DumpGuard for extracting NTLMv1 hashes from sessions on modern Windows systems.
  ☆205Updated last month
• dmcxblue / PyObscura
  A python script that automates a C2 Profile build
  ☆48Updated last month
• alexlee820 / PatchedCLRLoader
  .NET assembly loader with patching AMSI and ETW bypass
  ☆31Updated 9 months ago
• Sh3lldon / HellsVectoredGate
  ☆54Updated 3 months ago
• 0xb11a1 / sliver_extension_uac_bypass_cmstp
  Sliver extension to bypass UAC via cmstp written in rust
  ☆35Updated last year
• t1Sh1n4 / Umbrella
  Umbrella will protect your shellcode from the rain.
  ☆31Updated 8 months ago
• Mojo8898 / scripts
  This repository contains a collection of scripts I use regularly for offensive security-related tasks.
  ☆15Updated 2 weeks ago
• RayRRT / ESC1-unPAC
  A Beacon Object File (BOF) that performs the complete ESC1 attack chain in a single execution: certificate request with arbitrary SAN (+S…
  ☆113Updated last month
• zyn3rgy / RelayInformer
  Python and BOF utilites to the determine EPA enforcement levels of popular NTLM relay targets from the offensive perspective
  ☆165Updated 3 weeks ago
• casp3r0x0 / CallWindowProcW-ShellcodeLoader
  ☆18Updated 5 months ago
• Thunter-HackTeam / EvilentCoerce
  ☆159Updated 9 months ago
• ghost-ng / slinger
  An impacket-lite cli tool that combines many useful impacket functions using a single session.
  ☆57Updated 3 weeks ago
• The-Viper-One / Invoke-PassTheCert
  Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel
  ☆59Updated 9 months ago
• m4lwhere / profilehound
  ProfileHound - BloodHound OpenGraph collector for user profiles stored on domain machines. Make informed decisions about looting secrets …
  ☆149Updated last month
• decoder-it / printerbugnew
  The DCERPC only printerbug.py version
  ☆200Updated 3 months ago
• Maldev-Academy / ElectronVulnScanner
  Automatically scan the file system to identify Electron applications vulnerable to ASAR tampering.
  ☆148Updated 2 months ago
• Yeeb1 / MagicBOFs
  A small set of Beacon Object Files (BOFs) that I developed over the time with a Magic: The Gathering theme.
  ☆16Updated 6 months ago
• rtecCyberSec / RAITrigger
  Local SYSTEM auth trigger for relaying
  ☆168Updated 6 months ago
• yehia-mamdouh / Lsassx
  Dumping LSASS Evaded Endpoint Security Solutions
  ☆18Updated 11 months ago
• OsandaMalith / CallbackShellcode
  Executing Shellcode with ReadDirectoryChanges’s Hidden Callback
  ☆29Updated 3 months ago
• P0142 / LDAP-Bof-Collection
  Collection of many ldap bofs for domain enumeration and privilege escalation. Created for use with the Adaptix C2.
  ☆56Updated last month
• 0xRedpoll / WhatsAppKeyBOF
  A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.
  ☆89Updated 11 months ago
• Wh0am123 / CVE-2025-54918-POC
  POC for CVE-2025-54918 and a technical demonstration.
  ☆49Updated 3 weeks ago
• Nomad0x7 / sekken-enum
  adws enumeration bof
  ☆161Updated 4 months ago
• synacktiv / CVE-2024-43468
  ☆94Updated last year