Alternatives and similar repositories for spellbound

Users that are interested in spellbound are comparing it to the libraries listed below

• 0xEr3bus / ShadowForgeC2

  View on GitHub
  ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.
  ☆52Jul 15, 2023Updated 2 years ago
• kargisimos / detenv

  View on GitHub
  A small and portable Windows C library for sandbox detection
  ☆35Oct 2, 2023Updated 2 years ago
• iomoath / RedWardenLite

  View on GitHub
  A lightweight HTTP/HTTPS reverse proxy for efficient, policy-based traffic filtering and redirection.
  ☆45Jun 27, 2023Updated 2 years ago
• jxroot / ReHTTP

  View on GitHub
  Simple Powershell Http shell With WEB UI
  ☆74Mar 28, 2025Updated 10 months ago
• Faran-17 / EarlyBird-APC-Injection

  View on GitHub
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆35Oct 31, 2023Updated 2 years ago
• Retrospected / PurpleKeep

  View on GitHub
  Providing Azure pipelines to create an infrastructure and run Atomic tests.
  ☆53Jul 25, 2023Updated 2 years ago
• Primusinterp / PrimusC2

  View on GitHub
  A C2 framework built for my bachelors thesis
  ☆57Jan 14, 2026Updated last month
• APT64 / EternalHushFramework

  View on GitHub
  EternalHush - java-based open-source c2 framework that targets Microsoft Windows
  ☆27Updated this week
• demetriusford / mutation-fuzzer

  View on GitHub
  TL;DR: Mutate a binary to identify potential exploit candidates
  ☆11Jan 12, 2026Updated last month
• p4p1 / havoc-bloodhound

  View on GitHub
  A GUI wrapper inside of Havoc to interact with bloodhound CE
  ☆70Feb 3, 2024Updated 2 years ago
• FuzzySecurity / Magikarp

  View on GitHub
  ECC Public Key Cryptography
  ☆37Oct 29, 2023Updated 2 years ago
• nopcorn / DuckDuckC2

  View on GitHub
  A proof-of-concept C2 channel through DuckDuckGo's image proxy service
  ☆77Nov 12, 2023Updated 2 years ago
• dievus / Python3-C2-Course-Code-Modules

  View on GitHub
  Modules for my C2 course students to use for their own projects.
  ☆74Jun 13, 2023Updated 2 years ago
• freeide / powershell-backdoor-generator

  View on GitHub
  Reverse backdoor written in PowerShell and obfuscated with Python. It generates payloads for popular hacking devices like Flipper Zero an…
  ☆31Jun 19, 2023Updated 2 years ago
• aaaddress1 / ntkrnlProtectScan

  View on GitHub
  One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel
  ☆43Oct 2, 2023Updated 2 years ago
• Quantumite / slidecode

  View on GitHub
  XOR-based shellcode encoder
  ☆30Apr 20, 2023Updated 2 years ago
• inb1ts / CSSHide

  View on GitHub
  Encodes a payload within a generated mock-CSS file
  ☆59Sep 18, 2023Updated 2 years ago
• PhrozenIO / SharpFtpC2

  View on GitHub
  A Streamlined FTP-Driven Command and Control Conduit for Interconnecting Remote Systems.
  ☆89Nov 9, 2023Updated 2 years ago
• Maxwitat / CVE-2023-36884-Scripts-for-Intune-Remediation-SCCM-Compliance-Baseline

  View on GitHub
  The remediation script should set the reg entries described in https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884 . The…
  ☆27Jul 21, 2023Updated 2 years ago
• rly0nheart / tor2tor

  View on GitHub
  Capture screenshots of onion services on an onion service.
  ☆73Jun 11, 2024Updated last year
• scriptchildie / maliciousCodeMatchingMFA

  View on GitHub
  A small executable to trick a user to authenticate using code matching MFA
  ☆69Oct 6, 2023Updated 2 years ago
• 0xNslabs / CanaryTokenScanner

  View on GitHub
  Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts
  ☆127Dec 23, 2025Updated last month
• mertdas / RedPersist

  View on GitHub
  ☆222Mar 10, 2024Updated last year
• Drakiat / Checker

  View on GitHub
  A graphical automation to monitor if backdoors/default settings are still active on the compromised machines over time.
  ☆45Mar 8, 2024Updated last year
• demon-i386 / zoshrinkC2

  View on GitHub
  DNS over HTTPS targeted malware (only runs once)
  ☆96Aug 16, 2023Updated 2 years ago
• g0h4n / REC2

  View on GitHub
  REC2 (Rusty External Command and Control) is client and server tool allowing auditor to execute command from VirusTotal and Mastodon APIs…
  ☆163Feb 22, 2024Updated last year
• secur30nly / netuser-rs

  View on GitHub
  Rust bindings to Microsoft Windows users / groups management API
  ☆34Dec 27, 2025Updated last month
• 0xthirteen / PerfExec

  View on GitHub
  ☆80Aug 2, 2023Updated 2 years ago
• 1N73LL1G3NC3x / Nightmangle

  View on GitHub
  ☆163Sep 26, 2023Updated 2 years ago
• oldboy21 / JayFinder

  View on GitHub
  Find DLLs with RWX section
  ☆80Jul 3, 2023Updated 2 years ago
• Mr-Cyb3rgh0st / Excel-Exploit

  View on GitHub
  MacroExploit use in excel sheet
  ☆20Jun 12, 2023Updated 2 years ago
• pwnsauc3 / RWXfinder

  View on GitHub
  The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section
  ☆111Jul 15, 2023Updated 2 years ago
• itaymigdal / RegStrike

  View on GitHub
  RegStrike is a .reg payload generator
  ☆58Sep 19, 2023Updated 2 years ago
• h0ru / AMSI-Reaper

  View on GitHub
  ☆106Sep 12, 2024Updated last year
• net-dawg / SSHniffer

  View on GitHub
  ☆35Dec 6, 2023Updated 2 years ago
• syncwithali / HavocExploit

  View on GitHub
  A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc.
  ☆36Nov 16, 2023Updated 2 years ago
• attl4s / freeMetsrvLoader

  View on GitHub
  freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package
  ☆35Mar 28, 2023Updated 2 years ago
• PlayExploits / CTF-S----challenges-pico-htb-ringzer0-etc

  View on GitHub
  This is the ringzer0 writeup of web exploitation catagery. The name is "Word mean something"
  ☆14Dec 8, 2023Updated 2 years ago
• BeetleChunks / Obligato

  View on GitHub
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆108Sep 22, 2023Updated 2 years ago