Alternatives and similar repositories for Father

Users that are interested in Father are comparing it to the libraries listed below

• dobin / antnium
  A C2 framework for initial access in Go
  ☆183Updated 2 years ago
• jconwell / secret_handshake
  A prototype malware C2 channel using x509 certificates over mTLS
  ☆153Updated last year
• shogunlab / building-c2-implants-in-cpp
  The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).
  ☆229Updated 5 months ago
• RedTeamOperations / Journey-to-McAfee
  ☆113Updated 3 years ago
• h3xduck / Umbra
  A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…
  ☆127Updated 3 years ago
• xforcered / BokuLoader
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆330Updated 10 months ago
• 0xTriboulet / Revenant
  Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
  ☆378Updated 10 months ago
• kleiton0x00 / Shelltropy
  A technique of hiding malicious shellcode via Shannon encoding.
  ☆255Updated 2 years ago
• last-byte / RIPPL
  RIPPL is a tool that abuses a usermode only exploit to manipulate PPL processes on Windows
  ☆7Updated 3 years ago
• MythicAgents / Medusa
  Medusa is a cross-platform C2 agent compatible with Python 2.7 and 3.8, compatible with Mythic
  ☆181Updated 2 months ago
• oXis / GPUSleep
  Move CS beacon to GPU memory when sleeping
  ☆246Updated 3 years ago
• HavocFramework / Talon
  (Demo) 3rd party agent for Havoc
  ☆139Updated last year
• NUL0x4C / APCLdr
  Payload Loader With Evasion Features
  ☆318Updated 2 years ago
• Enelg52 / KittyStager
  KittyStager is a simple stage 0 C2. It is made of a web server to host the shellcode and an implant, called kitten. The purpose of this p…
  ☆221Updated last year
• zerosum0x0-archive / archive
  ☆55Updated 3 years ago
• Tylous / Freeze.rs
  Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST
  ☆184Updated 8 months ago
• byt3bl33d3r / pyMalleableC2
  Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.
  ☆279Updated 7 months ago
• adamsvoboda / nim-loader
  WIP shellcode loader in nim with EDR evasion techniques
  ☆217Updated 3 years ago
• SolomonSklash / SleepyCrypt
  A shellcode function to encrypt a running process image when sleeping.
  ☆339Updated 3 years ago
• kymb0 / Malware_learns
  ☆132Updated last year
• aaaddress1 / Skrull
  Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers t…
  ☆457Updated 3 years ago
• OccamsXor / Dragnmove
  Infect Shared Files In Memory for Lateral Movement
  ☆195Updated 2 years ago
• binderlabs / DirCreate2System
  Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting
  ☆357Updated 2 years ago
• bananabr / TimeException
  A tool to find folders excluded from AV real-time scanning using a time oracle
  ☆233Updated last year
• IkerSaint / KingHamlet
  Process Ghosting Tool
  ☆174Updated 3 years ago
• georgesotiriadis / MalwareDev
  ☆85Updated 2 years ago
• nettitude / ShellcodeMutator
  ☆248Updated 2 years ago
• florylsk / RecycledInjector
  Native Syscalls Shellcode Injector
  ☆266Updated last year
• daddycocoaman / dumpscan
  Finding secrets in kernel and user memory
  ☆116Updated last year
• SaadAhla / AMSI_patch
  Patching AmsiOpenSession by forcing an error branching
  ☆145Updated last year