Alternatives and similar repositories for XenoRAT

Users that are interested in XenoRAT are comparing it to the libraries listed below

• Whitecat18 / PE-Analyzer.rs

  View on GitHub
  Simple Project that Extracts PE Information.
  ☆21Apr 4, 2025Updated 10 months ago
• Mazzy-Stars / lain_c2

  View on GitHub
  command control framework
  ☆30Updated this week
• doyensec / malicious-devfile-registry

  View on GitHub
  Exploit for CVE-2024-0402 in Gitlab
  ☆15Mar 18, 2025Updated 10 months ago
• maxDcb / C2Implant

  View on GitHub
  Windows C++ Implant for Exploration C2
  ☆44Jan 26, 2026Updated 3 weeks ago
• TraiLeR2 / CVE-2023-36168

  View on GitHub
  An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component
  ☆11Aug 5, 2023Updated 2 years ago
• sliverarmory / CS-Remote-OPs-BOF

  View on GitHub
  ☆13Mar 3, 2025Updated 11 months ago
• shalomc / bhasia2025

  View on GitHub
  BlackHat Asia 2025 code and presentations
  ☆18Apr 13, 2025Updated 10 months ago
• rxOred / process-hollowing

  View on GitHub
  process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread
  ☆31Jan 9, 2022Updated 4 years ago
• shellcromancer / DaysOfYARA-2023

  View on GitHub
  Rules Shared by the Community from 100 Days of YARA 2023 -
  ☆18Apr 10, 2023Updated 2 years ago
• CultCornholio / RedTeamTP

  View on GitHub
  ☆85May 15, 2025Updated 9 months ago
• dmcxblue / SharpHIBP

  View on GitHub
  A C# Tool to gather information about email breaches
  ☆16Dec 21, 2023Updated 2 years ago
• syncwithali / HavocExploit

  View on GitHub
  A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc.
  ☆36Nov 16, 2023Updated 2 years ago
• EspressoCake / DefenderPathExclusions

  View on GitHub
  Creation and removal of Defender path exclusions and exceptions in C#.
  ☆32Nov 1, 2023Updated 2 years ago
• 5tuk0v / PointyTokenz

  View on GitHub
  Windows Access token manipulation tool made in C#
  ☆24Aug 24, 2025Updated 5 months ago
• JCSteiner / SGCC---public

  View on GitHub
  Command and Control Framework using powershell implants
  ☆36Jun 17, 2025Updated 7 months ago
• sofianeelhor / CVE-2023-22621-POC

  View on GitHub
  CVE-2023-22621: SSTI to RCE by Exploiting Email Templates affecting Strapi Versions <=4.5.5
  ☆24Apr 25, 2023Updated 2 years ago
• dr4ndrei / OHFFLdr

  View on GitHub
  One-header configurable C++20 COFF loader
  ☆21Jul 21, 2025Updated 6 months ago
• x0reaxeax / SilentWrite

  View on GitHub
  PoC arbitrary WPM without a process handle
  ☆21Jul 22, 2023Updated 2 years ago
• MpCmdRun / 0x0-Crypter

  View on GitHub
  A Free Open sourced crypter that builds a output .NET .exe Stub (Updated whenever I feel like it)
  ☆19Oct 18, 2025Updated 3 months ago
• tdeerenberg / InlineWhispers3

  View on GitHub
  Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion
  ☆99Jul 9, 2025Updated 7 months ago
• mdsecactivebreach / PleasantTools

  View on GitHub
  Tools for Attacking Pleasant Password Server
  ☆22Sep 19, 2023Updated 2 years ago
• EvilBytecode / EvilByte-Remote-AMSI-Bypass

  View on GitHub
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆54May 12, 2025Updated 9 months ago
• davidenetti / SoftwareSecurityNotes

  View on GitHub
  Exploits with pwntools library in Python3. ROP, BOF, SHELLCODE.
  ☆20Feb 2, 2024Updated 2 years ago
• Zeyad-Azima / ShellcodeGenZ

  View on GitHub
  GenZ Shellcode Generator to execute commands with winExec API
  ☆22Apr 27, 2025Updated 9 months ago
• dazzyddos / GraphShell

  View on GitHub
  ☆21May 27, 2024Updated last year
• CodeXTF2 / OpenMalleableC2

  View on GitHub
  Open Source Implementation of Cobalt Strike's Malleable C2
  ☆92Jan 27, 2026Updated 2 weeks ago
• NUL0x4C / HookingLsassForCredentials

  View on GitHub
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆61May 12, 2025Updated 9 months ago
• hwbp / LazyHook

  View on GitHub
  Evade behavioral analysis by executing malicious code within trusted Microsoft call stacks, patchless hooking library IAT/EAT.
  ☆129Dec 8, 2025Updated 2 months ago
• trickest / elasticsearch_index

  View on GitHub
  Manage attack surface data on Elasticsearch
  ☆24Nov 20, 2023Updated 2 years ago
• DrYenyen / PPPwnGo-Guide

  View on GitHub
  Guide on using the PPPwnGo GUI tool
  ☆11Sep 26, 2024Updated last year
• Sachinart / CVE-2024-0012-POC

  View on GitHub
  CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) RCE POC
  ☆20Nov 19, 2024Updated last year
• jonny-jhnson / RandomPOCs

  View on GitHub
  Repo that holds random POCs
  ☆52Jan 8, 2024Updated 2 years ago
• 0xPrimo / KMDllInjector

  View on GitHub
  kernel-mode DLL Injector
  ☆126Apr 24, 2025Updated 9 months ago
• BitsByWill / ksmbd-n-day

  View on GitHub
  Authenticated 0-click RCE against Linux 6.1.45 for CVE-2023-52440 and CVE-2023-4130
  ☆52Sep 13, 2025Updated 5 months ago
• zeroxjf / WebKit-UAF-ANGLE-OOB-Analysis

  View on GitHub
  Analysis of CVE-2025-43529 (WebKit UAF) + CVE-2025-14174 (ANGLE OOB) exploit chain - iOS Safari
  ☆68Jan 20, 2026Updated 3 weeks ago
• ChoiSG / SharpSilentChrome

  View on GitHub
  SharpSilentChrome is a C# project that "silently" installs browser extensions on Google Chrome or MS Edge by updating the browsers' Prefe…
  ☆187Aug 6, 2025Updated 6 months ago
• yo-yo-yo-jbo / msf_shellcode_analysis

  View on GitHub
  ☆28Apr 4, 2023Updated 2 years ago
• d4rkiZ / ProcOpen-PHP-Webshell

  View on GitHub
  Experience the power of a PHP webshell designed to overcome the limitations of blacklisted system/exec functions.
  ☆24Jul 14, 2024Updated last year
• gemini-security / GithubC2

  View on GitHub
  ☆27Nov 7, 2023Updated 2 years ago