Alternatives and similar repositories for monarch

Users that are interested in monarch are comparing it to the libraries listed below

• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆103Updated 2 months ago
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated 9 months ago
• HulkOperator / AuthStager
  ☆55Updated 7 months ago
• OtterHacker / Hooker
  ☆106Updated 7 months ago
• itaymigdal / PowerDodder
  Persist like a Dodder
  ☆60Updated 2 weeks ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆53Updated 4 months ago
• sidaf / moonshine
  ☆69Updated last year
• andreisss / Living-off-the-COM-Type-Coercion-Abuse
  This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…
  ☆37Updated 2 weeks ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated 11 months ago
• Teach2Breach / hollow_rs
  A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.
  ☆29Updated 3 months ago
• 0xRedpoll / SignalKeyBOF
  BOF to decrypt Signal Desktop chat logs
  ☆65Updated 3 months ago
• kyleavery / pendulum
  Linux Sleep Obfuscation
  ☆97Updated last year
• OtterHacker / ShareFouine
  ☆50Updated 7 months ago
• redr0nin / Agentic-Flow-Corruption-Attacks
  A red teaming attack paradigm against AI Agents
  ☆30Updated 2 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆59Updated 9 months ago
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆42Updated 3 weeks ago
• 0xv1n / Havoc-ProfileGenerator
  malleable profile generator GUI for Havoc
  ☆55Updated 2 years ago
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated last year
• rasta-mouse / KerbApp
  ☆29Updated last year
• skylerknecht / messenger
  A tunneling toolkit enabling operators to move data from one place to another evasively.
  ☆60Updated last week
• EvilBytecode / Lifetime-AmsiBypass
  Lifetime AMSI bypass.
  ☆35Updated last month
• ZSECURE / zDocker-cobaltstrike
  Docker container for running CobaltStrike 4.10
  ☆37Updated 8 months ago
• OffenseTeacher / Steganim
  ☆48Updated last year
• ChaitanyaHaritash / IllusiveFog
  Windows Administrator level Implant.
  ☆49Updated 8 months ago
• TierZeroSecurity / edr_blocker
  Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…
  ☆141Updated 10 months ago
• RWXstoned / GimmeShelter
  Situational Awareness script to identify how and where to run implants
  ☆49Updated 5 months ago
• CultCornholio / RedTeamTP
  ☆60Updated 2 weeks ago
• 0xsch1zo / NullGate
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆99Updated 3 weeks ago
• xpn / CloudInject
  ☆110Updated 6 months ago
• iamagarre / BadExclusionsNWBO
  BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR
  ☆76Updated last year