Alternatives and similar repositories for Suborner

Users that are interested in Suborner are comparing it to the libraries listed below

• Wra7h / FlavorTown

  View on GitHub
  Various ways to execute shellcode
  ☆508Mar 13, 2024Updated last year
• mdsecactivebreach / DragonCastle

  View on GitHub
  A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.
  ☆301Oct 26, 2022Updated 3 years ago
• zblurx / certsync

  View on GitHub
  Dump NTDS with golden certificates and UnPAC the hash
  ☆646Mar 20, 2024Updated last year
• outflanknl / C2-Tool-Collection

  View on GitHub
  A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…
  ☆1,364Oct 27, 2023Updated 2 years ago
• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,004Jun 4, 2024Updated last year
• daem0nc0re / TangledWinExec

  View on GitHub
  PoCs and tools for investigation of Windows process execution techniques
  ☆953Feb 2, 2026Updated last week
• m3rcer / Chisel-Strike

  View on GitHub
  A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.
  ☆460Mar 25, 2024Updated last year
• nettitude / SharpWSUS

  View on GitHub
  ☆477Nov 20, 2022Updated 3 years ago
• rad9800 / TamperingSyscalls

  View on GitHub
  ☆504Aug 14, 2022Updated 3 years ago
• RedSiege / PersistAssist

  View on GitHub
  Fully modular persistence framework
  ☆259Apr 10, 2023Updated 2 years ago
• WKL-Sec / HiddenDesktop

  View on GitHub
  HVNC for Cobalt Strike
  ☆1,297Dec 7, 2023Updated 2 years ago
• Henkru / cs-token-vault

  View on GitHub
  In-memory token vault BOF for Cobalt Strike
  ☆149Aug 18, 2022Updated 3 years ago
• CodeXTF2 / WindowSpy

  View on GitHub
  WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.
  ☆281Feb 24, 2025Updated 11 months ago
• Dec0ne / DavRelayUp

  View on GitHub
  DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …
  ☆565Jun 5, 2023Updated 2 years ago
• deepinstinct / Lsass-Shtinkering

  View on GitHub
  ☆385Jan 19, 2023Updated 3 years ago
• zcgonvh / DCOMPotato

  View on GitHub
  Some Service DCOM Object and SeImpersonatePrivilege abuse.
  ☆372Dec 9, 2022Updated 3 years ago
• GhostPack / Koh

  View on GitHub
  The Token Stealer
  ☆510Jul 13, 2022Updated 3 years ago
• pwn1sher / WMEye

  View on GitHub
  WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement
  ☆369Dec 24, 2021Updated 4 years ago
• Octoberfest7 / Inline-Execute-PE

  View on GitHub
  Execute unmanaged Windows executables in CobaltStrike Beacons
  ☆714Mar 4, 2023Updated 2 years ago
• Kudaes / Elevator

  View on GitHub
  UAC bypass by abusing RPC and debug objects.
  ☆629Oct 19, 2023Updated 2 years ago
• janoglezcampos / DeathSleep

  View on GitHub
  A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…
  ☆536Aug 1, 2022Updated 3 years ago
• trustedsec / CS-Remote-OPs-BOF

  View on GitHub
  ☆1,117Jan 6, 2026Updated last month
• c3c / ADExplorerSnapshot

  View on GitHub
  ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound via BOFHound, and also supports full-ob…
  ☆1,048Jan 22, 2026Updated 3 weeks ago
• deepinstinct / Dirty-Vanity

  View on GitHub
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆675Dec 23, 2022Updated 3 years ago
• med0x2e / NTLMRelay2Self

  View on GitHub
  An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).
  ☆417Jan 27, 2024Updated 2 years ago
• nettitude / MalSCCM

  View on GitHub
  ☆252Sep 28, 2023Updated 2 years ago
• skahwah / SQLRecon

  View on GitHub
  A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.
  ☆777Oct 16, 2025Updated 3 months ago
• Accenture / Codecepticon

  View on GitHub
  .NET/PowerShell/VBA Offensive Security Obfuscator
  ☆514Feb 1, 2024Updated 2 years ago
• JamesCooteUK / SharpSphere

  View on GitHub
  .NET Project for Attacking vCenter
  ☆553Nov 11, 2021Updated 4 years ago
• evilashz / CheeseOunce

  View on GitHub
  Coerce Windows machines auth via MS-EVEN
  ☆171Jan 17, 2024Updated 2 years ago
• Dec0ne / ShadowSpray

  View on GitHub
  A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…
  ☆482Oct 14, 2022Updated 3 years ago
• Yaxser / Backstab

  View on GitHub
  A tool to kill antimalware protected processes
  ☆1,509Jun 19, 2021Updated 4 years ago
• Z4kSec / Masky

  View on GitHub
  Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory
  ☆399Aug 15, 2025Updated 5 months ago
• boku7 / BokuLoader

  View on GitHub
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆1,398Nov 22, 2023Updated 2 years ago
• Mayyhem / SharpSCCM

  View on GitHub
  A C# utility for interacting with SCCM
  ☆682Aug 20, 2025Updated 5 months ago
• naksyn / Pyramid

  View on GitHub
  a tool to help operate in EDRs' blind spots
  ☆769Dec 2, 2024Updated last year
• cube0x0 / KrbRelay

  View on GitHub
  Framework for Kerberos relaying
  ☆939May 29, 2022Updated 3 years ago
• trustedsec / orpheus

  View on GitHub
  Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types
  ☆411Mar 21, 2025Updated 10 months ago
• BeichenDream / PrintNotifyPotato

  View on GitHub
  PrintNotifyPotato
  ☆539Dec 2, 2022Updated 3 years ago