Alternatives and similar repositories for Father

Users that are interested in Father are comparing it to the libraries listed below

• h3xduck / Umbra
  A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…
  ☆131Updated 4 years ago
• MythicAgents / merlin
  Cross-platform post-exploitation HTTP Command & Control agent written in golang
  ☆107Updated 7 months ago
• shogunlab / building-c2-implants-in-cpp
  The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).
  ☆234Updated 11 months ago
• 0xRick / c2
  A basic c2 / agent.
  ☆119Updated 5 years ago
• MythicAgents / Medusa
  Medusa is a cross-platform C2 agent compatible with Python 2.7 and 3.8, compatible with Mythic
  ☆200Updated 4 months ago
• jconwell / secret_handshake
  A prototype malware C2 channel using x509 certificates over mTLS
  ☆151Updated last year
• kleiton0x00 / Shelltropy
  A technique of hiding malicious shellcode via Shannon encoding.
  ☆260Updated 3 years ago
• RedTeamOperations / Journey-to-McAfee
  ☆113Updated 3 years ago
• daddycocoaman / dumpscan
  Finding secrets in kernel and user memory
  ☆116Updated 2 years ago
• HavocFramework / Talon
  (Demo) 3rd party agent for Havoc
  ☆147Updated 2 years ago
• sapph2c / bifrost
  A Flask-based HTTP(S) command and control (C2) with a web frontend. Malleable agent written in Go.
  ☆36Updated 2 years ago
• Enelg52 / KittyStager
  KittyStager is a simple stage 0 C2. It is made of a web server to host the shellcode and an implant, called kitten. The purpose of this p…
  ☆227Updated 2 years ago
• ariary / fileless-xec
  Stealth dropper executing remote binaries without dropping them on disk .(HTTP3 support, ICMP support, invisible tracks, cross-platform,.…
  ☆206Updated last year
• Cerbersec / notes
  Resources and articles I need to take a look at. Mostly about malware/exploit development and analysis.
  ☆85Updated 3 years ago
• 0xTriboulet / ZeroTotal
  A collection of source code, binaries, and compilation scripts designed to bypass detection
  ☆25Updated 2 years ago
• georgesotiriadis / MalwareDev
  ☆84Updated 3 years ago
• OccamsXor / Dragnmove
  Infect Shared Files In Memory for Lateral Movement
  ☆196Updated 2 years ago
• florylsk / RecycledInjector
  Native Syscalls Shellcode Injector
  ☆267Updated 2 years ago
• trickster0 / EDR_Detector
  EDR Detector that can find what kind of endpoint solution is being used according to drivers in the system.
  ☆93Updated 4 years ago
• trustedsec / SliverKeylogger
  ☆167Updated 2 years ago
• zerosum0x0-archive / archive
  ☆57Updated 3 years ago
• Error996 / bdvl
  bdvl
  ☆115Updated 3 years ago
• moloch-- / sliver-py
  A Python gRPC Client Library for Sliver
  ☆78Updated 8 months ago
• arget13 / memexec
  A daemonized DDexec.
  ☆30Updated 8 months ago
• Bw3ll / ShellWasp
  ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Wind…
  ☆170Updated 2 years ago
• MythicAgents / poseidon
  Poseidon is a Golang agent targeting Linux and macOS
  ☆186Updated last week
• reveng007 / reveng_rtkit
  Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypa…
  ☆260Updated this week
• jacob-baines / concealed_position
  Bring your own print driver privilege escalation tool
  ☆260Updated 4 years ago
• preemptdev / bluffy
  Convert shellcode into different formats!
  ☆359Updated 2 years ago
• Octoberfest7 / BeatRev
  POC for frustrating/defeating Malware Analysts
  ☆157Updated 3 years ago