A Payload Analysis Framework
☆117Oct 9, 2025Updated 4 months ago
Alternatives and similar repositories for citadel
Users that are interested in citadel are comparing it to the libraries listed below
Sorting:
- An ICMP channel for Beacons, implemented using Cobalt Strike’s External C2 framework.☆116Oct 6, 2025Updated 5 months ago
- A New Exploitation Technique for Visual Studio Projects☆11Nov 5, 2023Updated 2 years ago
- A Windows tool that converts LDIF files to BloodHound CE☆27Dec 20, 2025Updated 2 months ago
- A hacky way of getting cross-arch/platform support in Cobalt Strike☆37Aug 31, 2025Updated 6 months ago
- Terms of Use Conditional Access M365 Evilginx Phishlet☆44Jun 23, 2025Updated 8 months ago
- ☆31Feb 28, 2025Updated last year
- A small How-To on creating your own weaponized WSL file☆122Jul 23, 2025Updated 7 months ago
- ☆50Jun 4, 2025Updated 9 months ago
- Mentally ill EtwTi parser☆68Jan 11, 2026Updated last month
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆95Jul 3, 2025Updated 8 months ago
- A Mythic Agent written in PIC C.☆206Feb 4, 2025Updated last year
- Internal Monologue BOF☆79Dec 28, 2024Updated last year
- A collection of position independent coding resources☆107Nov 15, 2025Updated 3 months ago
- adws enumeration bof☆169Feb 16, 2026Updated 2 weeks ago
- LinkedIn recon the easy way☆110Jul 3, 2025Updated 8 months ago
- An example reference design for a proposed BOF PE☆201Jan 23, 2026Updated last month
- Community Eventing and Scripting examples☆18Aug 11, 2025Updated 6 months ago
- Linker for Beacon Object Files☆159Feb 22, 2026Updated last week
- rust port of pspy with support for process monitoring over dbus☆36Jan 4, 2026Updated 2 months ago
- SAM Dumping in C#☆54Nov 27, 2025Updated 3 months ago
- ☆84May 19, 2024Updated last year
- A way to maintain long-term access to Windows LAPS for lateral movement in AD via installing an Offensive LAPS RPC backdoor on a DC.☆29Jun 9, 2025Updated 8 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆103Feb 25, 2025Updated last year
- A pointer encryption library intended for Red Team implant design in Rust.☆66Oct 1, 2025Updated 5 months ago
- An App Domain Manager Injection DLL PoC on steroids☆212Dec 14, 2023Updated 2 years ago
- Red Team Collaboration Infrastructure☆98Apr 24, 2025Updated 10 months ago
- Add Shadow Credentials to a target object by editing their msDS-KeyCredentialLink attribute☆25Jun 5, 2024Updated last year
- converts sRDI compatible dlls to shellcode☆35Jan 20, 2025Updated last year
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 10 months ago
- ☆13Jun 20, 2022Updated 3 years ago
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆18Mar 19, 2025Updated 11 months ago
- Impersonate Windows tokens in Nim☆23Aug 4, 2025Updated 7 months ago
- Updated version of a long known self deletion technique to work with 24H2.☆61Jun 9, 2025Updated 8 months ago
- Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.☆191Feb 16, 2026Updated 2 weeks ago
- tool for requesting Entra ID's P2P certificate and authenticating to a remote Entra joinned devices with it☆134Aug 23, 2025Updated 6 months ago
- ☆207Dec 17, 2025Updated 2 months ago
- Indirect syscalls + DInvoke made simple.☆96Dec 24, 2024Updated last year
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆124Jan 17, 2026Updated last month