Alternatives and similar repositories for APT34

Users that are interested in APT34 are comparing it to the libraries listed below

• OneLogicalMyth / zeroday-powershell
  A PowerShell example of the Windows zero day priv esc
  ☆327Updated 6 years ago
• sud0woodo / DCOMrade
  Powershell script for enumerating vulnerable DCOM Applications
  ☆258Updated 6 years ago
• RomanEmelyanov / CobaltStrikeForensic
  Toolset for research malware and Cobalt Strike beacons
  ☆211Updated 2 months ago
• ramen0x3f / AggressorScripts
  ☆272Updated 2 years ago
• Ziconius / FudgeC2
  FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
  ☆254Updated 2 years ago
• kmkz / exploit
  Exploits and advisories
  ☆190Updated 5 years ago
• ryhanson / ExternalC2
  A library for integrating communication channels with the Cobalt Strike External C2 server
  ☆286Updated 7 years ago
• Und3rf10w / external_c2_framework
  Python api for usage with cobalt strike's External C2 specification
  ☆237Updated 2 years ago
• Cybereason / Invoke-WMILM
  ☆229Updated 7 years ago
• rogue-kdc / CVE-2019-0841
  PoC code for CVE-2019-0841 Privilege Escalation vulnerability
  ☆240Updated 6 years ago
• two06 / Inception
  Provides In-memory compilation and reflective loading of C# apps for AV evasion.
  ☆370Updated last year
• phackt / stager.dll
  Code from this article: https://blog.rapid7.com/2018/05/03/hiding-metasploit-shellcode-to-evade-windows-defender/
  ☆175Updated 4 years ago
• 0xeb-bp / bluekeep
  Public work for CVE-2019-0708
  ☆292Updated 5 years ago
• Mr-Un1k0d3r / MaliciousClickOnceGenerator
  Quick Malicious ClickOnceGenerator for Red Team
  ☆249Updated 4 years ago
• bhdresh / lazykatz
  Lazykatz is an automation developed to extract credentials from remote targets protected with AV and/or application whitelisting software…
  ☆197Updated 7 years ago
• 0x09AL / DNS-Persist
  DNS-Persist is a post-exploitation agent which uses DNS for command and control.
  ☆210Updated 7 years ago
• johnjohnsp1 / Shellcode-Via-HTA
  How To Execute Shellcode via HTA
  ☆139Updated 7 years ago
• ZonkSec / persistence-aggressor-script
  initial commit
  ☆174Updated 6 years ago
• b4rtik / RedPeanut
  RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0.
  ☆328Updated last year
• enigma0x3 / Powershell-Payload-Excel-Delivery
  Uses Invoke-Shellcode to execute a payload and persist on the system.
  ☆115Updated 8 years ago
• codewhitesec / LethalHTA
  Lateral Movement technique using DCOM and HTA
  ☆233Updated 2 years ago
• praetorian-inc / vulcan
  a tool to make it easy and fast to test various forms of injection
  ☆173Updated 6 years ago
• 0x09AL / DropboxC2C
  DropboxC2C is a post-exploitation agent which uses Dropbox Infrastructure for command and control operations.
  ☆150Updated 6 years ago
• outflanknl / Excel4-DCOM
  PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe)
  ☆325Updated 6 years ago
• z0noxz / powerstager
  A payload stager using PowerShell
  ☆184Updated 5 years ago
• threatexpress / tinyshell
  ☆169Updated 7 years ago
• vysecurity / morphHTA
  morphHTA - Morphing Cobalt Strike's evil.HTA
  ☆523Updated 2 years ago
• BorjaMerino / Pazuzu
  Pazuzu: Reflective DLL to run binaries from memory
  ☆216Updated 4 years ago
• rxwx / CVE-2018-0802
  PoC Exploit for CVE-2018-0802 (and optionally CVE-2017-11882)
  ☆269Updated 7 years ago
• paranoidninja / Pandoras-Box
  This repo contains my custom scripts for Penetration Testing and Red Team Assessments. I will keep on updating this repo as and when I ge…
  ☆352Updated 6 years ago