sadreck/Codecepticon

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/sadreck/Codecepticon)

sadreck / Codecepticon

.NET/PowerShell/VBA Offensive Security Obfuscator

☆190

Alternatives and similar repositories for Codecepticon

Users that are interested in Codecepticon are comparing it to the libraries listed below

Sorting:

Cracked5pider / earlycascade-injection
View on GitHub
early cascade injection PoC based on Outflanks blog post
☆237Nov 7, 2024Updated last year
racoten / BetterNetLoader
View on GitHub
A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints
☆121Jul 11, 2025Updated 7 months ago
BlackSnufkin / NyxInvoke
View on GitHub
NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…
☆232Feb 12, 2025Updated last year
Accenture / Codecepticon
View on GitHub
.NET/PowerShell/VBA Offensive Security Obfuscator
☆515Feb 1, 2024Updated 2 years ago
senzee1984 / InflativeLoading
View on GitHub
Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.
☆325Apr 12, 2024Updated last year
mertdas / PrivKit
View on GitHub
PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.
☆568Jan 20, 2026Updated last month
sagiol / Terms-of-What
View on GitHub
Terms of Use Conditional Access M365 Evilginx Phishlet
☆44Jun 23, 2025Updated 8 months ago
JanielDary / ImmoralFiber
View on GitHub
Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
☆281Sep 18, 2024Updated last year
mandiant / ccmpwn
View on GitHub
☆216Mar 26, 2024Updated last year
rasta-mouse / CsWhispers
View on GitHub
Source generator to add D/Invoke and indirect syscall methods to a C# project.
☆190Mar 4, 2024Updated last year
JayGLXR / RustySpy
View on GitHub
A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …
☆19Mar 6, 2025Updated 11 months ago
logangoins / SharpSuccessor
View on GitHub
SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.
☆386Sep 26, 2025Updated 5 months ago
zero2504 / Early-Cryo-Bird-Injections
View on GitHub
Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects
☆137Apr 6, 2025Updated 10 months ago
VoldeSec / PatchlessCLRLoader
View on GitHub
.NET assembly loader with patchless AMSI and ETW bypass
☆368Apr 19, 2023Updated 2 years ago
xrombar / flower
View on GitHub
a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor
☆110Mar 25, 2024Updated last year
REDMED-X / OperatorsKit
View on GitHub
Collection of Beacon Object Files (BOF) for Cobalt Strike
☆672Aug 15, 2025Updated 6 months ago
ZERODETECTION / MSC_Dropper
View on GitHub
☆250Jul 31, 2024Updated last year
decoder-it / ADCSCoercePotato
View on GitHub
☆242May 5, 2024Updated last year
Flangvik / ObfuscatedSharpCollection
View on GitHub
Attempt at Obfuscated version of SharpCollection
☆243Nov 15, 2025Updated 3 months ago
ioncodes / SilentLoad
View on GitHub
"Service-less" driver loading
☆184Nov 28, 2024Updated last year
NtDallas / KrakenMask
View on GitHub
Sleep obfuscation
☆268Dec 13, 2024Updated last year
xpn / CloudInject
View on GitHub
☆121Nov 21, 2024Updated last year
skelsec / pysnaffler
View on GitHub
pysnaffler
☆110Jan 6, 2026Updated last month
RWXstoned / LdrShuffle
View on GitHub
Code execution/injection technique using DLL PEB module structure manipulation
☆221Jun 4, 2025Updated 8 months ago
Orange-Cyberdefense / EDRSnowblast
View on GitHub
This project is an EDRSandblast fork, adding some features and custom pieces of code.
☆25Sep 29, 2023Updated 2 years ago
h4wkst3r / InvisibilityCloak
View on GitHub
Proof-of-concept obfuscation toolkit for C# post-exploitation tools
☆603Jul 22, 2022Updated 3 years ago
safedv / GPOAnalyzer
View on GitHub
GPOAnalyzer is a tool designed to assist in parsing domain Group Policy Object (GPO) files located in the SYSVOL directory.
☆28Jun 14, 2024Updated last year
jsecu / ModTask
View on GitHub
☆53Sep 23, 2025Updated 5 months ago
LuemmelSec / APEX
View on GitHub
Azure Post Exploitation Framework
☆244Oct 27, 2025Updated 4 months ago
NtDallas / Draugr
View on GitHub
BOF with Synthetic Stackframe
☆225Oct 30, 2025Updated 3 months ago
silentwarble / PIC-Library
View on GitHub
A collection of position independent coding resources
☆107Nov 15, 2025Updated 3 months ago
kyleavery / AceLdr
View on GitHub
Cobalt Strike UDRL for memory scanner evasion.
☆1,006Jun 4, 2024Updated last year
CICADA8-Research / RemoteKrbRelay
View on GitHub
Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
☆638May 8, 2025Updated 9 months ago
ricardojoserf / NativeDump
View on GitHub
Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
☆701May 7, 2025Updated 9 months ago
Teach2Breach / snapinject_rs
View on GitHub
A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …
☆50Jan 25, 2025Updated last year
RalfHacker / Kerbeus-BOF
View on GitHub
BOF for Kerberos abuse (an implementation of some important features of the Rubeus).
☆546Nov 23, 2025Updated 3 months ago
logangoins / Cable
View on GitHub
.NET post-exploitation toolkit for Active Directory reconnaissance and exploitation
☆400Jul 23, 2025Updated 7 months ago
Cracked5pider / Stardust
View on GitHub
A modern 32/64-bit position independent implant template
☆1,293Mar 21, 2025Updated 11 months ago
senzee1984 / MutationGate
View on GitHub
Use hardware breakpoint to dynamically change SSN in run-time
☆279Apr 10, 2024Updated last year