Alternatives and similar repositories for EXEfromCER

Users that are interested in EXEfromCER are comparing it to the libraries listed below

• kypvas / LDIFToBloodHound

  View on GitHub
  A Windows tool that converts LDIF files to BloodHound CE
  ☆25Dec 20, 2025Updated last month
• praetorian-inc / google-redirector

  View on GitHub
  A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.
  ☆130Nov 12, 2025Updated 3 months ago
• jhalon / cSessionHop

  View on GitHub
  Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM
  ☆63Dec 25, 2025Updated last month
• zarkones / BloodfangC2

  View on GitHub
  Modern PIC implant for Windows (64 & 32 bit)
  ☆105Jul 23, 2025Updated 6 months ago
• c0nf1den71al / Lodestar-Forge

  View on GitHub
  Easy to use, open-source infrastructure management platform, crafted specifically for red team engagements.
  ☆108Jan 19, 2026Updated 3 weeks ago
• Pulse-Security / wifi-client-isolation-bypass

  View on GitHub
  Bypass WiFi client isolation on Open and WPA2-PSK networks
  ☆39Oct 14, 2025Updated 4 months ago
• dmcxblue / AzureStrike

  View on GitHub
  An HTA Application which builds Azure (Entra) Scenarios for Red Team Simulations
  ☆61Aug 18, 2025Updated 5 months ago
• klezVirus / RAIWhateverTrigger

  View on GitHub
  Local SYSTEM auth trigger for relaying - X
  ☆155Jul 23, 2025Updated 6 months ago
• Xenov-X / csbot

  View on GitHub
  Golang Automation Framework for Cobalt Strike using the Rest API
  ☆55Dec 4, 2025Updated 2 months ago
• grayhatkiller / wambam-bof

  View on GitHub
  ☆47Dec 5, 2025Updated 2 months ago
• logangoins / BadTakeover-BOF

  View on GitHub
  Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover
  ☆85Oct 20, 2025Updated 3 months ago
• EspressoCake / ADIDNS_Parser

  View on GitHub
  Parser and reconciliation tooling for large Active Directory environments.
  ☆33Feb 18, 2025Updated 11 months ago
• Zeyad-Azima / ShellcodeGenZ

  View on GitHub
  GenZ Shellcode Generator to execute commands with winExec API
  ☆22Apr 27, 2025Updated 9 months ago
• logangoins / Cable

  View on GitHub
  .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation
  ☆400Jul 23, 2025Updated 6 months ago
• zero2504 / EDR-GhostLocker

  View on GitHub
  AppLocker-Based EDR Neutralization
  ☆302Dec 19, 2025Updated last month
• 0xHossam / HuffLoader

  View on GitHub
  Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.
  ☆281Apr 6, 2025Updated 10 months ago
• andreisss / Remote-DLL-Injection-with-Timer-based-Shellcode-Execution

  View on GitHub
  Remote DLL Injection with Timer-based Shellcode Execution
  ☆154Jul 18, 2025Updated 6 months ago
• xforcered / ForsHops

  View on GitHub
  ForsHops
  ☆152Mar 25, 2025Updated 10 months ago
• EspressoCake / EntropyFix

  View on GitHub
  reducing the entropy of your payload
  ☆11Aug 15, 2022Updated 3 years ago
• garrettfoster13 / CVE-2025-59501

  View on GitHub
  CVE-2025-59501 POC code
  ☆25Nov 20, 2025Updated 2 months ago
• Mayyhem / Maestro

  View on GitHub
  Abusing Azure services over C2
  ☆368Jan 20, 2026Updated 3 weeks ago
• cpu0x00 / Ghost

  View on GitHub
  Evasive shellcode loader
  ☆398Oct 17, 2024Updated last year
• CICADA8-Research / RpcMotion

  View on GitHub
  Execute commands, in/exfiltrate files using your custom RPC Server
  ☆63Jan 13, 2026Updated last month
• 0xsp-SRD / ZigStrike

  View on GitHub
  ZigStrike, a powerful Payload Delivery Pipeline developed in Zig, offering a variety of injection techniques and anti-sandbox features.
  ☆501Jan 23, 2026Updated 3 weeks ago
• paranoidninja / BRC4-BOF-Artillery

  View on GitHub
  ☆146Nov 6, 2025Updated 3 months ago
• Maldev-Academy / Alphabetfuscation

  View on GitHub
  Convert your shellcode into an ASCII string
  ☆127Jun 27, 2025Updated 7 months ago
• Yeeb1 / MagicBOFs

  View on GitHub
  A small set of Beacon Object Files (BOFs) that I developed over the time with a Magic: The Gathering theme.
  ☆16Jul 15, 2025Updated 7 months ago
• ka7ana / CVE-2023-36025

  View on GitHub
  Quick test for CVE-2023-26025 behaviours
  ☆13Nov 29, 2023Updated 2 years ago
• quarkslab / proxyblob

  View on GitHub
  SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.
  ☆304Updated this week
• deepinstinct / DCOMUploadExec

  View on GitHub
  DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely
  ☆381Dec 13, 2024Updated last year
• rasta-mouse / SpawnWith

  View on GitHub
  ☆109Feb 17, 2025Updated last year
• logangoins / Stifle

  View on GitHub
  .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS
  ☆150Feb 10, 2025Updated last year
• 0xf4r / cmd-bypass

  View on GitHub
  The command prompt has been disabled by your administrator
  ☆43May 18, 2023Updated 2 years ago
• mxngel / GoAmsiKiller

  View on GitHub
  ☆15Dec 12, 2023Updated 2 years ago
• hackerhouse-opensource / Marble

  View on GitHub
  The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools.
  ☆318Feb 2, 2026Updated 2 weeks ago
• Octoberfest7 / zip_smuggling

  View on GitHub
  Python3 utility for creating zip files that smuggle additional data for later extraction
  ☆264May 15, 2025Updated 9 months ago
• xforcered / RemoteMonologue

  View on GitHub
  Weaponizing DCOM for NTLM Authentication Coercions
  ☆275Jul 1, 2025Updated 7 months ago
• BlackSnufkin / LitterBox

  View on GitHub
  A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Inte…
  ☆1,307Nov 12, 2025Updated 3 months ago
• RedTeamPentesting / keycred

  View on GitHub
  Generate and Manage KeyCredentialLinks
  ☆245Jan 30, 2026Updated 2 weeks ago