Alternatives and similar repositories for Brute-Ratel-External-C2-Specification

Users that are interested in Brute-Ratel-External-C2-Specification are comparing it to the libraries listed below

• 0xe7 / PowerSploit
  PowerSploit - A PowerShell Post-Exploitation Framework
  ☆42Updated 3 months ago
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆86Updated 3 years ago
• knight0x07 / PoC-Malware-TTPs
  PoC-Malware-TTPs
  ☆49Updated 2 years ago
• CodeXTF2 / PyHmmm
  Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …
  ☆82Updated last year
• pracsec / AmsiScanner
  A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.
  ☆62Updated last year
• Tw1sm / badger-builder
  badger-builder is an AI-assisted tool for generating dynamic Brute Ratel C4 profiles
  ☆55Updated 7 months ago
• mgeeky / CustomXMLPart
  A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.
  ☆39Updated 2 years ago
• Hypnoze57 / RDPChecker
  RDP Checker
  ☆63Updated last year
• snovvcrash / OffensivePipeline
  OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.
  ☆91Updated 3 years ago
• aaaddress1 / xlsGen
  (PoC) Tiny Excel BIFF8 Generator, to Embedded 4.0 Macros in xls files without Excel.
  ☆43Updated 3 years ago
• Octoberfest7 / Presentations
  Slide decks and/or materials from conference presentations
  ☆56Updated 2 years ago
• ScriptIdiot / SysmonQuiet
  RDLL for Cobalt Strike beacon to silence sysmon process
  ☆89Updated 2 years ago
• Dec0ne / AMS-BP
  AMSI Bypass for powershell
  ☆30Updated 3 years ago
• susMdT / SharpAgent
  C# havoc implant
  ☆101Updated 2 years ago
• SaadAhla / PSpersist
  Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell pro…
  ☆85Updated last year
• 0xsp-SRD / 0xsp.com
  a variety of tools,scripts and techniques developed and shared with different programming languages by 0xsp Lab
  ☆63Updated 6 months ago
• Octoberfest7 / Cohab_Processes
  A small Aggressor script to help Red Teams identify foreign processes on a host machine
  ☆85Updated 2 years ago
• san3ncrypt3d / AESShellCodeInjector
  This program will take encrypted shell code and decrypt it in run time and inject it into another process
  ☆29Updated 3 years ago
• RomanRII / jenkins-strike
  Cobalt Strike profile generator using Jenkins to automate the heavy lifting
  ☆37Updated 2 years ago
• ps1337 / Lastenzug
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆26Updated 2 years ago
• zyn3rgy / ClickonceHunter
  Golang search engine scraper intended for identification of published ClickOnce deployments
  ☆75Updated 7 months ago
• MythicAgents / scarecrow_wrapper
  ☆18Updated last month
• zblurx / BloodHoundCustomQueries
  My BloodHound custom queries
  ☆24Updated 2 years ago
• RedSiege / What-The-F
  This repo hosts a poc of how to execute F# code within an unmanaged process
  ☆68Updated last year
• improsec / CaddyStager
  ☆38Updated 3 years ago
• CompassSecurity / PowerLsassSilentProcessExit
  ☆26Updated 4 years ago
• Octoberfest7 / lnk_generator
  Small project to facilitate creation of .lnk payloads
  ☆70Updated 2 years ago
• mgeeky / msi-shenanigans
  Proof of Concept code and samples presenting emerging threat of MSI installer files.
  ☆85Updated 2 years ago
• pgormanDS / hash_spider
  A module for CME that spiders across a domain.
  ☆35Updated 2 years ago
• x4sh3s / AMSI_Lines
  Bypass AMSI By Dividing files into multiple smaller files
  ☆46Updated 2 years ago