Alternatives and similar repositories for Bolthole

Users that are interested in Bolthole are comparing it to the libraries listed below

• xforcered / ForsHops

  View on GitHub
  ForsHops
  ☆152Mar 25, 2025Updated 10 months ago
• Thunter-HackTeam / EvilentCoerce

  View on GitHub
  ☆159May 5, 2025Updated 9 months ago
• CrowdStrike / sccmhound

  View on GitHub
  A BloodHound collector for Microsoft Configuration Manager
  ☆363Jul 7, 2025Updated 7 months ago
• NtDallas / OdinLdr

  View on GitHub
  Cobaltstrike Reflective Loader with Synthetic Stackframe
  ☆182Jan 17, 2026Updated 3 weeks ago
• django-88 / NomadScanner

  View on GitHub
  ☆163Nov 19, 2025Updated 2 months ago
• zyn3rgy / smbtakeover

  View on GitHub
  BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
  ☆345Nov 19, 2024Updated last year
• NtDallas / Draugr

  View on GitHub
  BOF with Synthetic Stackframe
  ☆220Oct 30, 2025Updated 3 months ago
• CICADA8-Research / RemoteKrbRelay

  View on GitHub
  Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
  ☆635May 8, 2025Updated 9 months ago
• sud0Ru / NauthNRPC

  View on GitHub
  Enumerate Domain Users Without Authentication
  ☆281Apr 22, 2025Updated 9 months ago
• iilegacyyii / DataInject-BOF

  View on GitHub
  Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll
  ☆135Apr 18, 2025Updated 9 months ago
• boku7 / patchwerk

  View on GitHub
  BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)
  ☆195Feb 6, 2025Updated last year
• logangoins / Cable

  View on GitHub
  .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation
  ☆400Jul 23, 2025Updated 6 months ago
• klezVirus / RAIWhateverTrigger

  View on GitHub
  Local SYSTEM auth trigger for relaying - X
  ☆155Jul 23, 2025Updated 6 months ago
• whokilleddb / sinister-vsix

  View on GitHub
  Blog/Journal on how to backdoor VSCode extensions
  ☆76Updated this week
• hdbreaker / Nimhawk

  View on GitHub
  A powerful, modular, lightweight and efficient command & control framework written in Nim.
  ☆216Nov 3, 2025Updated 3 months ago
• dmcxblue / WSL-Payloads

  View on GitHub
  A small How-To on creating your own weaponized WSL file
  ☆119Jul 23, 2025Updated 6 months ago
• 0xRedpoll / SignalKeyBOF

  View on GitHub
  BOF to decrypt Signal Desktop chat logs
  ☆72Feb 20, 2025Updated 11 months ago
• LuemmelSec / APEX

  View on GitHub
  Azure Post Exploitation Framework
  ☆244Oct 27, 2025Updated 3 months ago
• 0xsp-SRD / ZigStrike

  View on GitHub
  ZigStrike, a powerful Payload Delivery Pipeline developed in Zig, offering a variety of injection techniques and anti-sandbox features.
  ☆501Jan 23, 2026Updated 3 weeks ago
• rtecCyberSec / RAITrigger

  View on GitHub
  Local SYSTEM auth trigger for relaying
  ☆168Jul 22, 2025Updated 6 months ago
• CICADA8-Research / Spyndicapped

  View on GitHub
  COM ViewLogger — new malware keylogging technique
  ☆403Jan 6, 2025Updated last year
• Macmod / ldapx

  View on GitHub
  Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.
  ☆188Dec 23, 2025Updated last month
• Azr43lKn1ght / Rusty-PE-Packer

  View on GitHub
  A robust Windows Process Executable Packer and Launcher implementation written in Rust for Windows x64 systems.
  ☆42Jan 9, 2025Updated last year
• CCob / DRSAT

  View on GitHub
  Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…
  ☆273Dec 27, 2024Updated last year
• decoder-it / KrbRelay-SMBServer

  View on GitHub
  ☆235Oct 8, 2024Updated last year
• cogiceo / GPOHound

  View on GitHub
  Offensive GPO dumping and analysis tool that leverages and enriches BloodHound data
  ☆354Jan 8, 2026Updated last month
• deepinstinct / DCOMUploadExec

  View on GitHub
  DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely
  ☆381Dec 13, 2024Updated last year
• tdeerenberg / InlineWhispers3

  View on GitHub
  Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion
  ☆99Jul 9, 2025Updated 7 months ago
• jsecu / ModTask

  View on GitHub
  ☆53Sep 23, 2025Updated 4 months ago
• kozmer / aad-bofs

  View on GitHub
  ☆137Nov 17, 2025Updated 2 months ago
• JanielDary / ImmoralFiber

  View on GitHub
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆280Sep 18, 2024Updated last year
• xforcered / RemoteMonologue

  View on GitHub
  Weaponizing DCOM for NTLM Authentication Coercions
  ☆275Jul 1, 2025Updated 7 months ago
• NtDallas / MemLoader

  View on GitHub
  Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible
  ☆266Jun 18, 2025Updated 7 months ago
• scrt / PowerChell

  View on GitHub
  A PowerShell console in C/C++ with all the security features disabled
  ☆341Oct 14, 2025Updated 4 months ago
• quarkslab / proxyblob

  View on GitHub
  SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.
  ☆287Apr 29, 2025Updated 9 months ago
• 0xthirteen / Carseat

  View on GitHub
  Python implementation of GhostPack's Seatbelt situational awareness tool
  ☆270Nov 12, 2024Updated last year
• RedTeamPentesting / keycred

  View on GitHub
  Generate and Manage KeyCredentialLinks
  ☆241Jan 30, 2026Updated 2 weeks ago
• Tylous / FaceDancer

  View on GitHub
  FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi…
  ☆399Sep 26, 2024Updated last year
• itm4n / PPLrevenant

  View on GitHub
  Bypass LSA protection using the BYODLL technique
  ☆171Sep 21, 2024Updated last year