Alternatives and similar repositories for crux:

Users that are interested in crux are comparing it to the libraries listed below

• x4sh3s / AMSI_Lines
  Bypass AMSI By Dividing files into multiple smaller files
  ☆45Updated 2 years ago
• nopbrick / SeeProxy
  Golang reverse proxy with CobaltStrike malleable profile validation.
  ☆109Updated 2 years ago
• CodeXTF2 / PyHmmm
  Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …
  ☆80Updated last year
• sfewer-r7 / CVE-2023-34362
  CVE-2023-34362: MOVEit Transfer Unauthenticated RCE
  ☆63Updated last year
• mertdas / SharpLateral
  Lateral Movement
  ☆122Updated last year
• ChoiSG / OneDriveUpdaterSideloading
  Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post
  ☆91Updated 2 years ago
• knight0x07 / PoC-Malware-TTPs
  PoC-Malware-TTPs
  ☆49Updated 2 years ago
• bitsadmin / dir2json
  Tool for efficient directory enumeration
  ☆56Updated 5 months ago
• zblurx / acltoolkit
  ACL abuse swiss-knife
  ☆120Updated 2 years ago
• eversinc33 / SharpStartWebclient
  Programmatically start WebClient from an unprivileged session to enable that juicy privesc.
  ☆74Updated 2 years ago
• kymb0 / Stealth_shellcode_runners
  ☆55Updated last year
• njcve / inflate.py
  Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.
  ☆120Updated 3 years ago
• iamagarre / BadExclusionsNWBO
  BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR
  ☆75Updated last year
• CodeXTF2 / HavocNotion
  A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …
  ☆85Updated 2 years ago
• HuskyHacks / SharpTokenFinder
  C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
  ☆138Updated 8 months ago
• naksyn / ProcessStomping
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆148Updated last year
• LuemmelSec / ntlmrelayx.py_to_exe
  ☆86Updated last year
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆55Updated 8 months ago
• 0xsp-SRD / 0xsp.com
  a variety of tools,scripts and techniques developed and shared with different programming languages by 0xsp Lab
  ☆63Updated 3 months ago
• xpn / ntlmquic
  POC tools for exploring SMB over QUIC protocol
  ☆122Updated 3 years ago
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆86Updated 2 years ago
• nullsection / Sneaky-DLL-Stager
  Reasonably undetected shellcode stager and executer.
  ☆37Updated 7 months ago
• foxlox / hypobrychium
  Duplicate not owned Token from Running Process
  ☆72Updated last year
• n00py / GetFGPP
  Get Fine Grained Password Policy
  ☆69Updated this week
• Mr-Un1k0d3r / Cookie-and-Handle-Stealer
  C or BOF file to extract WebKit master key to decrypt user cookie
  ☆191Updated 11 months ago
• X-C3LL / SharpNTLMRawUnHide
  C# version of NTLMRawUnHide
  ☆72Updated 2 years ago
• hrtywhy / BOF-CobaltStrike
  Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.
  ☆105Updated 2 years ago
• RedSiege / DigDug
  ☆79Updated 8 months ago
• praetorian-inc / ADFSRelay
  Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS
  ☆179Updated 2 years ago
• NotMedic / Invoke-Nanodump
  HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection
  ☆55Updated 3 years ago