mdsecactivebreach/RegPwn external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

mdsecactivebreach/RegPwn

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/mdsecactivebreach/RegPwn)

Close

mdsecactivebreach / RegPwnView on GitHubMore

• External links
• Readme badge

☆232Mar 13, 2026Updated 2 months ago

Alternatives and similar repositories for RegPwn

Users that are interested in RegPwn are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• MazX0p / mssqlbof

  View on GitHub
  A Beacon Object File suite for Microsoft SQL Server that speaks TDS 7.4 on the wire itself
  ☆97Apr 9, 2026Updated last month
• ColeHouston / theHandler-BOF

  View on GitHub
  Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.
  ☆42Aug 5, 2025Updated 10 months ago
• ThanniKudam / TopazTerminator

  View on GitHub
  Just another EDR killer
  ☆136Jan 21, 2026Updated 4 months ago
• klsecservices / CPLDCOMTrigger

  View on GitHub
  ☆47Dec 28, 2025Updated 5 months ago
• epotseluevskaya / ASPX_WebShell_COFFLoader

  View on GitHub
  ASPX Web Shell with COFF Loader
  ☆130Mar 10, 2026Updated 2 months ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• quarkslab / proxyblob

  View on GitHub
  SOCKS5 proxy tool that uses Azure Storage services as a means of communication.
  ☆353Mar 21, 2026Updated 2 months ago
• 0xbbuddha / Notion

  View on GitHub
  Notion C2 Profile for Mythic
  ☆47Apr 30, 2026Updated last month
• andreisss / Living-off-the-COM-Type-Coercion-Abuse

  View on GitHub
  This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…
  ☆53May 16, 2025Updated last year
• SafeBreach-Labs / EventLogin-CVE-2025-29969

  View on GitHub
  Exploitation of CVE-2025-29969
  ☆66Feb 20, 2026Updated 3 months ago
• ricardojoserf / w11_shadow_copies

  View on GitHub
  Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11
  ☆86Jan 26, 2026Updated 4 months ago
• WKL-Sec / slack-udc2

  View on GitHub
  Cobalt Strike UDC2 implementation that provides an Slack C2 channel
  ☆69Jan 5, 2026Updated 5 months ago
• NtDallas / Huginn

  View on GitHub
  ☆84Feb 12, 2026Updated 3 months ago
• kyxiaxiang / Safetasklist

  View on GitHub
  Help red teams find opsec processes during engagements
  ☆44Dec 7, 2024Updated last year
• backdoorskid / ClrAmsiScanPatcher

  View on GitHub
  Patches the AmsiScan function in clr.dll allowing for unrestricted assembly loading in .NET
  ☆53May 5, 2025Updated last year
• End-to-end encrypted cloud storage - Proton Drive • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
• xsh3llsh0ck / PicoHook

  View on GitHub
  Small driver that uses alternative syscalls feature
  ☆18May 9, 2024Updated 2 years ago
• temp43487580 / BAADTokenBroker

  View on GitHub
  BAADTokenBroker is a post-exploitation tool designed to interact with Microsoft Entra ID device-bound keys.
  ☆82Apr 11, 2026Updated last month
• ricardojoserf / SAMDump

  View on GitHub
  Extract the SAM and SYSTEM hives using the Volume Shadow Copy (VSS) API. With exfiltration and XOR obfuscation options. Implemented in C#…
  ☆356Feb 2, 2026Updated 4 months ago
• CodeXTF2 / Cobaltstrike_BOFLoader

  View on GitHub
  open source port/reimplementation of the Cobalt Strike BOF Loader as is
  ☆72Mar 8, 2026Updated 2 months ago
• ZephrFish / ADFSDump-PS

  View on GitHub
  PowerShell Implementation of ADFSDump to assist with GoldenSAML
  ☆44Dec 7, 2025Updated 6 months ago
• Kudaes / Puzzle

  View on GitHub
  Set of PoC to abuse Windows minifilters functionality
  ☆84May 1, 2026Updated last month
• r0keb / MunIntel

  View on GitHub
  kASLR bypass technique on Intel CPUs.
  ☆34May 18, 2025Updated last year
• mandiant / cleanldap

  View on GitHub
  ☆189Oct 21, 2025Updated 7 months ago
• aitorfirm / BlackIris

  View on GitHub
  Thats it! An Open-Source Windows UEFI Rootkit
  ☆30Jul 19, 2025Updated 10 months ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• MrAle98 / ATDCM64a-LPE

  View on GitHub
  ☆23Jan 15, 2025Updated last year
• CICADA8-Research / COMThanasia

  View on GitHub
  A set of programs for analyzing common vulnerabilities in COM
  ☆261Sep 8, 2024Updated last year
• 0x0Trace / Certihound

  View on GitHub
  Active Directory Certificate Services (ADCS) enumeration library with BloodHound CE v6 export support
  ☆83Apr 26, 2026Updated last month
• sensepost / susinternals

  View on GitHub
  psexecsvc - a python implementation of PSExec's native service implementation
  ☆302Mar 24, 2026Updated 2 months ago
• Ghaleb0x317374 / StealthyWMIExec.py

  View on GitHub
  A stealthier approach to WMI-based command execution using Impacket without touching the disk.
  ☆83Mar 15, 2026Updated 2 months ago
• Tw1sm / list-wam-accounts

  View on GitHub
  List web account manager (WAM) accounts added to the current profile
  ☆26Dec 11, 2025Updated 5 months ago
• crtvrffnrt / apimspray

  View on GitHub
  Azure apim mini proxy
  ☆59May 18, 2026Updated 3 weeks ago
• ghost-ng / slinger

  View on GitHub
  An impacket-lite cli tool that combines many useful impacket functions using a single session.
  ☆60Updated this week
• syncwithali / HavocExploit

  View on GitHub
  A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc.
  ☆36Nov 16, 2023Updated 2 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• SpecterOps / ConfigManBearPig

  View on GitHub
  PowerShell collector for adding SCCM attack paths to BloodHound with OpenGraph
  ☆89Apr 21, 2026Updated last month
• Peribunt / VPGATHER

  View on GitHub
  Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …
  ☆57Dec 30, 2025Updated 5 months ago
• Fudgedotdotdot / dump_kerberos_tickets

  View on GitHub
  Dump Kerberos tickets
  ☆46Aug 4, 2025Updated 10 months ago
• entropy-z / PostEx-Arsenal

  View on GitHub
  Arsenal of modules to beacon postex
  ☆104Mar 13, 2026Updated 2 months ago
• incursi0n / ClipboardStealBOF

  View on GitHub
  An alternative to the builtin clipboard feature in Cobalt Strike that adds the capability to enable/disable and dump the clipboard histor…
  ☆112Apr 16, 2026Updated last month
• Cobalt-Strike / icmp-udc2

  View on GitHub
  UDC2 implementation that provides an ICMP C2 channel
  ☆123Nov 24, 2025Updated 6 months ago
• mdsecactivebreach / functionpeekaboo

  View on GitHub
  ☆61Oct 24, 2025Updated 7 months ago