Alternatives and similar repositories for C4

Users that are interested in C4 are comparing it to the libraries listed below

• decoder-it / printerbugnew
  The DCERPC only printerbug.py version
  ☆152Updated 2 weeks ago
• xpn / CloudInject
  ☆115Updated 11 months ago
• synacktiv / AADOutsider-py
  Python3 rewrite of AsOutsider features of AADInternals
  ☆57Updated 3 months ago
• morRubin / NegoExRelay
  ☆88Updated 3 years ago
• sevagas / Advanced_Initial_access_in_2024_OffensiveX
  Resources linked to my presentation at OffensiveX in Athens in June 2024 on the topic "Breach the Gat, Advanced Initial Access in 2024"
  ☆146Updated last year
• RayRRT / Active-Directory-Certificate-Services-abuse
  ☆52Updated 3 years ago
• JumpsecLabs / WALK_WebAssembly_Lure_Krafter
  A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims …
  ☆92Updated last year
• naksyn / ProcessStomping
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆147Updated last year
• ghost-ng / slinger
  An impacket-lite cli tool that combines many useful impacket functions using a single session.
  ☆54Updated last month
• OmriBaso / WTSImpersonator
  WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"
  ☆121Updated last year
• ChoiSG / OneDriveUpdaterSideloading
  Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post
  ☆101Updated 3 years ago
• kapellos / LNKSmuggler
  A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.
  ☆88Updated 10 months ago
• rasta-mouse / PPEnum
  Simple BOF to read the protection level of a process
  ☆119Updated 2 years ago
• pwnsauc3 / RWXfinder
  The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section
  ☆107Updated 2 years ago
• zblurx / impersonate-rs
  Rusty Impersonate
  ☆102Updated last month
• decoder-it / ChgPass
  ☆135Updated 9 months ago
• BronzeBee / DavRelayUp
  An old Windows workstations LPE for domain environments without LDAP signing/channel binding.
  ☆33Updated 2 years ago
• two06 / CerealKiller
  .NET deserialization hunter
  ☆80Updated last year
• rasta-mouse / SpawnWith
  ☆109Updated 8 months ago
• m8sec / Dispatch
  Evasive Payload Delivery Server & C2 Redirector
  ☆110Updated 2 weeks ago
• praetorian-inc / google-redirector
  A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.
  ☆114Updated 2 weeks ago
• OtterHacker / AWSRedirector
  ☆57Updated 9 months ago
• LaresLLC / SuperSharpShares
  SuperSharpShares is a tool designed to automate enumerating domain shares, allowing for quick verification of accessible shares by your a…
  ☆75Updated last year
• secure-77 / Certipy-Docker
  Certipy in Docker
  ☆11Updated last year
• inb1ts / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆41Updated 2 years ago
• nickvourd / Rocabella
  Sniffing files generator
  ☆59Updated 8 months ago
• synacktiv / DLHell
  Local & remote Windows DLL Proxying
  ☆168Updated last year
• zyn3rgy / ClickonceHunter
  Golang search engine scraper intended for identification of published ClickOnce deployments
  ☆89Updated 11 months ago
• Krypteria / Neo4LDAP
  Neo4LDAP is a query and visualization tool focused on Active Directory environments. It combines LDAP syntax with graph-based data analys…
  ☆88Updated this week
• oldboy21 / JayFinder
  Find DLLs with RWX section
  ☆80Updated 2 years ago