A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN
☆107Jan 26, 2026Updated last month
Alternatives and similar repositories for swarmer
Users that are interested in swarmer are comparing it to the libraries listed below
Sorting:
- Toolset to manipulate RPC clients by finding delayed services and masquerading as them☆108Aug 18, 2025Updated 7 months ago
- Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM☆64Dec 25, 2025Updated 2 months ago
- Azure apim mini proxy☆54Feb 16, 2026Updated last month
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆34Aug 18, 2025Updated 7 months ago
- ☆53Sep 23, 2025Updated 5 months ago
- Impersonate Windows tokens in Nim☆23Aug 4, 2025Updated 7 months ago
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 4 months ago
- Python script to leverage MSFT_MTProcess WMI class☆39Sep 17, 2025Updated 6 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆189Jan 17, 2026Updated 2 months ago
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover☆86Oct 20, 2025Updated 4 months ago
- Mythic C2 Agent written in x64 PIC C☆84Jan 29, 2025Updated last year
- ☆33Jan 23, 2025Updated last year
- ForsHops☆152Mar 25, 2025Updated 11 months ago
- A python script that automates a C2 Profile build☆48Dec 14, 2025Updated 3 months ago
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…☆200Dec 30, 2025Updated 2 months ago
- Detect Remote Local Credentials Dumping using a Shadow Snapshot☆32Jan 27, 2025Updated last year
- Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer☆17Mar 4, 2023Updated 3 years ago
- Ludus roles to deploy ASR rules and MDI auditing settings☆24Aug 5, 2025Updated 7 months ago
- Weaponize signed .NET ClickOnce applications for initial access by hijacking a dependency DLL via AppDomainManager injection and loading …☆144Feb 14, 2026Updated last month
- Indirect syscalls + DInvoke made simple.☆95Dec 24, 2024Updated last year
- Golang Automation Framework for Cobalt Strike using the Rest API☆56Dec 4, 2025Updated 3 months ago
- Mythic C2 wrapper for NimSyscallPacker☆25Mar 12, 2025Updated last year
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Jan 30, 2025Updated last year
- Excel Add In Payload Generator☆14Oct 9, 2023Updated 2 years ago
- A powerful, modular, lightweight and efficient command & control framework written in Nim.☆221Nov 3, 2025Updated 4 months ago
- A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.☆135Nov 12, 2025Updated 4 months ago
- ☆17May 22, 2024Updated last year
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆101Jan 10, 2026Updated 2 months ago
- Cobalt Strike BOF to freeze EDR/AV processes and dump LSASS using WerFaultSecure.exe PPL bypass☆118Jan 29, 2026Updated last month
- ☆62Feb 12, 2026Updated last month
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆75May 1, 2024Updated last year
- ☆147Nov 6, 2025Updated 4 months ago
- ☆48Dec 5, 2025Updated 3 months ago
- BOF template with boflink and mutator kit support☆49Jan 8, 2026Updated 2 months ago
- Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames☆154Nov 23, 2025Updated 3 months ago
- ☆33Mar 19, 2025Updated last year
- A Windows tool that converts LDIF files to BloodHound CE☆31Dec 20, 2025Updated 3 months ago
- A stager and implant that executes remote Web Assembly☆37Feb 4, 2026Updated last month
- An ICMP channel for Beacons, implemented using Cobalt Strike’s External C2 framework.☆117Oct 6, 2025Updated 5 months ago