In-memory BOF implementation of Silent Process Exit LSASS dump via RtlReportSilentProcessExit
☆19Apr 14, 2026Updated 3 months ago
Alternatives and similar repositories for WerWolf
Users that are interested in WerWolf are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- One PsExec client to rule them all☆15Mar 25, 2026Updated 3 months ago
- A simple OAuth App designed to capture OAuth tokens when users authenticate through GitHub OAuth flow.☆25Apr 20, 2026Updated 2 months ago
- Evasion kit for Cobalt Strike☆30Jan 16, 2026Updated 6 months ago
- Tailscale/Headscale C2 profile and agent for Mythic☆25Mar 14, 2026Updated 4 months ago
- AdaptixC2 default beacon agent extended to support Crystal Palace loaders.☆63May 4, 2026Updated 2 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- PoC for CVE-2026-3609 - XIGNCODE3 xhunter1.sys handle leak enabling PPL bypass and LSASS dumping☆29May 12, 2026Updated 2 months ago
- Bypassing EDR's with stealthy c++ telegram Bot and Telegram itself as C2 interface !☆43Mar 24, 2026Updated 3 months ago
- Repository hosting a hypothetical EDR Spoofer, as discovered originally by Nightmare-Eclipse☆41May 27, 2026Updated last month
- Ported from [LACUNA Chain](https://github.com/MazX0p/LACUNA-Chain) by Mohamed Alzhrani (0xmaz). lacuna-rs is a reusable Rust crate that …☆17Jul 2, 2026Updated 2 weeks ago
- DevSecOps for the AI-era CI/CD pipeline. Catches the bugs your AI coding assistant introduces — before they reach production.☆20Updated this week
- Echos is a stealthy C2 traffic emulator built in Rust for Red Teamers. It simulates adversarial beaconing patterns and custom jitter to t…☆34Jun 2, 2026Updated last month
- Tyche is a Mythic HTTPX Profile Generator used to create Malleable C2 Profiles.☆46Mar 28, 2026Updated 3 months ago
- A different approach to writing BOFs in rust.☆21Aug 20, 2025Updated 10 months ago
- Adaptix C2 service plugin that drives LitterBox payload analysis from the operator UI.☆61May 4, 2026Updated 2 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Evasive loader for .NET Framework assemblies☆44May 14, 2026Updated 2 months ago
- Rusty Armory - Beacon Object Files (BOFs) in Rust (Codename: Armory)☆69Apr 3, 2026Updated 3 months ago
- BAADTokenBroker is a post-exploitation tool designed to interact with Microsoft Entra ID device-bound keys.☆83Apr 11, 2026Updated 3 months ago
- A modern alternative Web-UI for the Mythic Command and Control Server☆79Jul 3, 2026Updated last week
- psexec-like remote execution using the paexec wire protocol that supports paexec and remoteexecm2 from manageengine adselfservice plus☆43Mar 24, 2026Updated 3 months ago
- open source port/reimplementation of the Cobalt Strike BOF Loader as is☆73Mar 8, 2026Updated 4 months ago
- A practical client for ADWS in Golang.☆54Jun 26, 2026Updated 2 weeks ago
- Smuggling C2 comms through links previews☆18Jun 17, 2026Updated 3 weeks ago
- NTLM Relaying to generic web services with NTLM authentication☆77Mar 20, 2026Updated 3 months ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Modular User-Defined Reflective Loader (UDRL) built on Crystal Palace for controlled DLL execution and evasion research.☆30Apr 14, 2026Updated 3 months ago
- dcsync bof☆54Feb 13, 2026Updated 5 months ago
- open source implementation of the UDC2 spec used in Cobalt Strike☆54Jul 4, 2026Updated last week
- takes shellcode bad-bytes and banishes them, returning cleaned shellcode with preserved functionalities☆63Mar 1, 2026Updated 4 months ago
- A stealthy loader for shellcode staged with http/https like Sliver☆54Updated this week
- Positron: an Electron (v8 nodejs) DLL injection based JS injection engine☆48May 15, 2026Updated 2 months ago
- A modern GoPhish fork with improved tracking accuracy and smarter detection.☆93Feb 16, 2026Updated 5 months ago
- Sleep replacement that executes real, varied work to break behavioral pattern matching by EDR and anti-cheat systems☆34Jun 10, 2026Updated last month
- Notion C2 Profile for Mythic☆47Apr 30, 2026Updated 2 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆42Jul 1, 2026Updated 2 weeks ago
- Transform LDAP filters, BaseDNs, attribute lists, and attribute entries using composable middleware chains. Zero dependencies. Works as a…☆42Apr 13, 2026Updated 3 months ago
- Cobalt Strike Aggressor Script for identifying security products on Windows hosts — six enumeration methods rated by noise level, from si…☆92Feb 6, 2026Updated 5 months ago
- A Cobalt Strike Beacon Object File that exploits the BlueHammer vulnerability that to obtain a copy of the SAM database.☆166Apr 15, 2026Updated 3 months ago
- Shellcode and In-PowerShell solution for patching AMSI via Page Guard Exceptions☆72Nov 15, 2025Updated 8 months ago
- AWS SSO Device-Code Phishing Toolkit for Red / Purple Teams☆23Mar 10, 2026Updated 4 months ago
- WebClientRelayUp - an universal no-fix local privilege escalation in domain-joined windows workstations in default configuration.☆86Apr 28, 2026Updated 2 months ago