Alternatives and similar repositories for WMIPersistence

Users that are interested in WMIPersistence are comparing it to the libraries listed below

• djhohnstein / CSharpSetThreadContext
  C# Shellcode Runner to execute shellcode via CreateRemoteThread and SetThreadContext to evade Get-InjectedThread
  ☆119Updated 6 years ago
• jnqpblc / SharpTask
  SharpTask is a simple code set to interact with the Task Scheduler service api and is compatible with Cobalt Strike.
  ☆93Updated 4 years ago
• rvrsh3ll / SharpExcel4-DCOM
  Port of Invoke-Excel4DCOM
  ☆104Updated 6 years ago
• mdsecactivebreach / Browser-ExternalC2
  External C2 Using IE COM Objects
  ☆101Updated 6 years ago
• rvrsh3ll / SharpCOM
  CSHARP DCOM Fun
  ☆138Updated 6 years ago
• dev-2null / KerberosRun
  A little tool to play with Kerberos.
  ☆66Updated 2 years ago
• offsecginger / AES-PowerShellCode
  Standalone version of my AES Powershell payload for Cobalt Strike.
  ☆111Updated 6 years ago
• anthemtotheego / C_Shot
  ☆114Updated 5 years ago
• mez-0 / MoveScheduler
  .NET 4.0 Scheduled Job Lateral Movement
  ☆90Updated 5 years ago
• rasta-mouse / Fork-n-Run
  ☆73Updated 4 years ago
• Mr-Un1k0d3r / RemoteProcessInjection
  C# remote process injection utility for Cobalt Strike
  ☆88Updated 5 years ago
• airzero24 / WMIReg
  PoC to interact with local/remote registry hives through WMI
  ☆87Updated 5 years ago
• rvrsh3ll / MSBuildAPICaller
  MSBuild Without MSBuild.exe
  ☆155Updated 5 years ago
• curi0usJack / rubeus2ccache
  Extracts all base64 ticket data from a rubeus /dump file and converts the tickets to ccache files for easy use with other tools.
  ☆67Updated 5 years ago
• 0xB455 / AmsiBypass
  C# PoC implementation for bypassing AMSI via in memory patching
  ☆66Updated 5 years ago
• gitjdm / dumper2020
  Yet another LSASS dumper
  ☆74Updated 5 years ago
• darkoperator / vscode-language-aggressor
  Cobalt Strike Aggressor extension for Visual Studio Code
  ☆138Updated last year
• jfmaes / TrustJack
  Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows
  ☆143Updated 5 years ago
• S3cur3Th1sSh1t / Invoke-Sharpcradle
  Load C# Code straight to memory
  ☆56Updated 5 years ago
• Soledge / BlockEtw
  .Net Assembly to block ETW telemetry in current process
  ☆81Updated 5 years ago
• tevora-threat / PowerView3-Aggressor
  Cobalt Strike Aggressor script menu for Powerview/SharpView
  ☆134Updated 7 years ago
• icebearfriend / Quickrundown
  Smart overlay for Cobalt Strike PS function
  ☆30Updated 6 years ago
• outflanknl / external_c2
  POC for Cobalt Strike external C2
  ☆141Updated 4 years ago
• mez-0 / CSharpWinRM
  .NET 4.0 WinRM API Command Execution
  ☆166Updated 5 years ago
• offsecginger / AggressorScripts
  Various Aggressor Scripts I've Created.
  ☆151Updated 4 years ago
• rasta-mouse / EWSToolkit
  Abusing Exchange via EWS
  ☆152Updated 5 years ago
• tevora-threat / aggressor-powerview
  PowerView menu for Cobalt Strike
  ☆69Updated 7 years ago
• rvrsh3ll / NoMSBuild
  MSBuild without MSbuild.exe
  ☆135Updated 5 years ago
• secgroundzero / CS-Aggressor-Scripts
  Aggressor Scripts for Cobalt Strike
  ☆76Updated last year
• checkymander / Sharp-SMBExec
  SMBExec C# module
  ☆218Updated 5 years ago