Alternatives and similar repositories for Father:

Users that are interested in Father are comparing it to the libraries listed below

• shogunlab / building-c2-implants-in-cpp
  The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).
  ☆227Updated 3 months ago
• MythicAgents / Medusa
  Medusa is a cross-platform C2 agent compatible with Python 2.7 and 3.8, compatible with Mythic
  ☆173Updated last month
• last-byte / RIPPL
  RIPPL is a tool that abuses a usermode only exploit to manipulate PPL processes on Windows
  ☆7Updated 3 years ago
• xforcered / BokuLoader
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆323Updated 8 months ago
• Wh04m1001 / CVE-2023-20178
  ☆92Updated last year
• MythicAgents / merlin
  Cross-platform post-exploitation HTTP Command & Control agent written in golang
  ☆93Updated 3 months ago
• dobin / antnium
  A C2 framework for initial access in Go
  ☆177Updated 2 years ago
• RedTeamOperations / Journey-to-McAfee
  ☆112Updated 2 years ago
• h3xduck / Umbra
  A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…
  ☆122Updated 3 years ago
• florylsk / RecycledInjector
  Native Syscalls Shellcode Injector
  ☆266Updated last year
• HavocFramework / Talon
  (Demo) 3rd party agent for Havoc
  ☆136Updated last year
• preemptdev / bluffy
  Convert shellcode into different formats!
  ☆349Updated 2 years ago
• m8sec / CVE-2021-34527
  PrintNightmare (CVE-2021-34527) PoC Exploit
  ☆107Updated 2 years ago
• d4rckh / grc2
  grim reaper c2
  ☆335Updated 2 years ago
• ly4k / PassTheChallenge
  Recovering NTLM hashes from Credential Guard
  ☆333Updated 2 years ago
• 0xTriboulet / Revenant
  Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
  ☆374Updated 7 months ago
• S3cur3Th1sSh1t / Ruy-Lopez
  ☆299Updated last year
• jconwell / secret_handshake
  A prototype malware C2 channel using x509 certificates over mTLS
  ☆153Updated last year
• MythicAgents / Athena
  ☆195Updated last month
• Sq00ky / SMB-Session-Spoofing
  ☆121Updated last year
• IkerSaint / KingHamlet
  Process Ghosting Tool
  ☆170Updated 3 years ago
• S3cur3Th1sSh1t / Nim-RunPE
  A Nim implementation of reflective PE-Loading from memory
  ☆275Updated 6 months ago
• Error996 / bdvl
  bdvl
  ☆113Updated 3 years ago
• SaadAhla / AMSI_patch
  Patching AmsiOpenSession by forcing an error branching
  ☆144Updated last year
• trustedsec / SliverKeylogger
  ☆157Updated last year
• N4kedTurtle / PersistBOF
  A BOF to automate common persistence tasks for red teamers
  ☆271Updated 2 years ago
• Enelg52 / KittyStager
  KittyStager is a simple stage 0 C2. It is made of a web server to host the shellcode and an implant, called kitten. The purpose of this p…
  ☆219Updated last year
• VirtualAlllocEx / Payload-Download-Cradles
  This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …
  ☆257Updated 2 years ago
• jfmaes / Invoke-DLLClone
  Koppeling x Metatwin x LazySign
  ☆209Updated 3 years ago
• adamsvoboda / nim-loader
  WIP shellcode loader in nim with EDR evasion techniques
  ☆210Updated 2 years ago