A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN
☆104Jan 26, 2026Updated last month
Alternatives and similar repositories for swarmer
Users that are interested in swarmer are comparing it to the libraries listed below
Sorting:
- Toolset to manipulate RPC clients by finding delayed services and masquerading as them☆108Aug 18, 2025Updated 6 months ago
- Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM☆63Dec 25, 2025Updated 2 months ago
- ☆53Sep 23, 2025Updated 5 months ago
- A python script that automates a C2 Profile build☆48Dec 14, 2025Updated 2 months ago
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆33Aug 18, 2025Updated 6 months ago
- Mythic C2 wrapper for NimSyscallPacker☆25Mar 12, 2025Updated 11 months ago
- Detect Remote Local Credentials Dumping using a Shadow Snapshot☆32Jan 27, 2025Updated last year
- Weaponize signed .NET ClickOnce applications for initial access by hijacking a dependency DLL via AppDomainManager injection and loading …☆124Feb 14, 2026Updated last week
- Impersonate Windows tokens in Nim☆23Aug 4, 2025Updated 6 months ago
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 3 months ago
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…☆199Dec 30, 2025Updated last month
- Indirect syscalls + DInvoke made simple.☆96Dec 24, 2024Updated last year
- ☆33Jan 23, 2025Updated last year
- Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer☆17Mar 4, 2023Updated 2 years ago
- Mythic C2 Agent written in x64 PIC C☆85Jan 29, 2025Updated last year
- Excel Add In Payload Generator☆14Oct 9, 2023Updated 2 years ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆185Jan 17, 2026Updated last month
- ForsHops☆152Mar 25, 2025Updated 11 months ago
- Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…☆63Apr 2, 2025Updated 10 months ago
- An offensive toolkit for restless guests #DEFCON33☆53Aug 11, 2025Updated 6 months ago
- A powerful, modular, lightweight and efficient command & control framework written in Nim.☆221Nov 3, 2025Updated 3 months ago
- Exploit AD CS misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise☆127Dec 2, 2023Updated 2 years ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Jan 30, 2025Updated last year
- ☆47Dec 5, 2025Updated 2 months ago
- Generate AES128 and AES256 Kerberos keys from a given username, password, and realm☆18Sep 18, 2024Updated last year
- Python script to leverage MSFT_MTProcess WMI class☆39Sep 17, 2025Updated 5 months ago
- ☆146Nov 6, 2025Updated 3 months ago
- ☆33Mar 19, 2025Updated 11 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆166Jul 30, 2025Updated 6 months ago
- Discord C2 Profile for Mythic☆33Feb 18, 2025Updated last year
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover☆85Oct 20, 2025Updated 4 months ago
- Execute shellcode via ASPNET compiler☆62Oct 2, 2025Updated 4 months ago
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆101Jan 10, 2026Updated last month
- BSides Prishtina 2024 Malware Development and Persistence workshop☆127Jan 1, 2026Updated last month
- ☆28Feb 11, 2026Updated 2 weeks ago
- Cobalt Strike Aggressor Script for identifying security products on Windows hosts — six enumeration methods rated by noise level, from si…☆33Feb 6, 2026Updated 3 weeks ago
- ☆47Feb 12, 2026Updated 2 weeks ago
- A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system☆40Oct 30, 2024Updated last year
- Cobalt Strike BOF to freeze EDR/AV processes and dump LSASS using WerFaultSecure.exe PPL bypass☆113Jan 29, 2026Updated 3 weeks ago