mdsecactivebreach/RegPwn external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

mdsecactivebreach/RegPwn

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/mdsecactivebreach/RegPwn)

Close

mdsecactivebreach / RegPwnView on GitHubMore

• External links
• Readme badge

☆236Mar 13, 2026Updated 3 months ago

Alternatives and similar repositories for RegPwn

Users that are interested in RegPwn are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• MazX0p / mssqlbof

  View on GitHub
  A Beacon Object File suite for Microsoft SQL Server that speaks TDS 7.4 on the wire itself
  ☆98Apr 9, 2026Updated 2 months ago
• ColeHouston / theHandler-BOF

  View on GitHub
  Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.
  ☆42Aug 5, 2025Updated 10 months ago
• ThanniKudam / TopazTerminator

  View on GitHub
  Just another EDR killer
  ☆140Jan 21, 2026Updated 5 months ago
• klsecservices / CPLDCOMTrigger

  View on GitHub
  ☆47Dec 28, 2025Updated 6 months ago
• memN0ps / doublepulsar-rs

  View on GitHub
  Rusty DoublePulsar - Cobalt Strike User-Defined Reflective Loader (UDRL) in Rust (Codename: DoublePulsar)
  ☆107May 14, 2026Updated last month
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• epotseluevskaya / ASPX_WebShell_COFFLoader

  View on GitHub
  ASPX Web Shell with COFF Loader
  ☆132Mar 10, 2026Updated 3 months ago
• quarkslab / proxyblob

  View on GitHub
  SOCKS5 proxy tool that uses Azure Storage services as a means of communication.
  ☆356Mar 21, 2026Updated 3 months ago
• 0xbbuddha / Notion

  View on GitHub
  Notion C2 Profile for Mythic
  ☆47Apr 30, 2026Updated last month
• andreisss / Living-off-the-COM-Type-Coercion-Abuse

  View on GitHub
  This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…
  ☆53May 16, 2025Updated last year
• SafeBreach-Labs / EventLogin-CVE-2025-29969

  View on GitHub
  Exploitation of CVE-2025-29969
  ☆66Feb 20, 2026Updated 4 months ago
• ricardojoserf / w11_shadow_copies

  View on GitHub
  Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11
  ☆86Jan 26, 2026Updated 5 months ago
• WKL-Sec / slack-udc2

  View on GitHub
  Cobalt Strike UDC2 implementation that provides an Slack C2 channel
  ☆69Jan 5, 2026Updated 5 months ago
• kyxiaxiang / Safetasklist

  View on GitHub
  Help red teams find opsec processes during engagements
  ☆44Dec 7, 2024Updated last year
• backdoorskid / ClrAmsiScanPatcher

  View on GitHub
  Patches the AmsiScan function in clr.dll allowing for unrestricted assembly loading in .NET
  ☆54May 5, 2025Updated last year
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• NtDallas / Huginn

  View on GitHub
  ☆86Feb 12, 2026Updated 4 months ago
• xsh3llsh0ck / PicoHook

  View on GitHub
  Small driver that uses alternative syscalls feature
  ☆18May 9, 2024Updated 2 years ago
• temp43487580 / BAADTokenBroker

  View on GitHub
  BAADTokenBroker is a post-exploitation tool designed to interact with Microsoft Entra ID device-bound keys.
  ☆83Apr 11, 2026Updated 2 months ago
• ricardojoserf / SAMDump

  View on GitHub
  Extract the SAM and SYSTEM hives using the Volume Shadow Copy (VSS) API. With exfiltration and XOR obfuscation options. Implemented in C#…
  ☆366Feb 2, 2026Updated 4 months ago
• CodeXTF2 / Cobaltstrike_BOFLoader

  View on GitHub
  open source port/reimplementation of the Cobalt Strike BOF Loader as is
  ☆72Mar 8, 2026Updated 3 months ago
• ZephrFish / ADFSDump-PS

  View on GitHub
  PowerShell Implementation of ADFSDump to assist with GoldenSAML
  ☆44Dec 7, 2025Updated 6 months ago
• Kudaes / Puzzle

  View on GitHub
  Set of PoC to abuse Windows minifilters functionality
  ☆90May 1, 2026Updated last month
• r0keb / MunIntel

  View on GitHub
  kASLR bypass technique on Intel CPUs.
  ☆34May 18, 2025Updated last year
• mandiant / cleanldap

  View on GitHub
  ☆190Oct 21, 2025Updated 8 months ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• aitorfirm / BlackIris

  View on GitHub
  Thats it! An Open-Source Windows UEFI Rootkit
  ☆30Jul 19, 2025Updated 11 months ago
• MrAle98 / ATDCM64a-LPE

  View on GitHub
  ☆23Jan 15, 2025Updated last year
• CICADA8-Research / COMThanasia

  View on GitHub
  A set of programs for analyzing common vulnerabilities in COM
  ☆262Sep 8, 2024Updated last year
• 0x0Trace / Certihound

  View on GitHub
  Active Directory Certificate Services (ADCS) enumeration library with BloodHound CE v6 export support
  ☆82Jun 10, 2026Updated 2 weeks ago
• sensepost / susinternals

  View on GitHub
  psexecsvc - a python implementation of PSExec's native service implementation
  ☆306Mar 24, 2026Updated 3 months ago
• Ghaleb0x317374 / StealthyWMIExec.py

  View on GitHub
  A stealthier approach to WMI-based command execution using Impacket without touching the disk.
  ☆85Mar 15, 2026Updated 3 months ago
• Tw1sm / list-wam-accounts

  View on GitHub
  List web account manager (WAM) accounts added to the current profile
  ☆26Dec 11, 2025Updated 6 months ago
• crtvrffnrt / apimspray

  View on GitHub
  Azure apim mini proxy
  ☆61May 18, 2026Updated last month
• ghost-ng / slinger

  View on GitHub
  An impacket-lite cli tool that combines many useful impacket functions using a single session.
  ☆60Updated this week
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• syncwithali / HavocExploit

  View on GitHub
  A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc.
  ☆36Nov 16, 2023Updated 2 years ago
• SpecterOps / ConfigManBearPig

  View on GitHub
  PowerShell collector for adding SCCM attack paths to BloodHound with OpenGraph
  ☆94Apr 21, 2026Updated 2 months ago
• 19h / ida-python-bytecode

  View on GitHub
  ☆27Mar 11, 2026Updated 3 months ago
• Peribunt / VPGATHER

  View on GitHub
  Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …
  ☆57Dec 30, 2025Updated 5 months ago
• Fudgedotdotdot / dump_kerberos_tickets

  View on GitHub
  Dump Kerberos tickets
  ☆46Aug 4, 2025Updated 10 months ago
• entropy-z / PostEx-Arsenal

  View on GitHub
  Arsenal of modules to beacon postex
  ☆105Mar 13, 2026Updated 3 months ago
• incursi0n / ClipboardStealBOF

  View on GitHub
  An alternative to the builtin clipboard feature in Cobalt Strike that adds the capability to enable/disable and dump the clipboard histor…
  ☆112Apr 16, 2026Updated 2 months ago