Alternatives and similar repositories for rattler

Users that are interested in rattler are comparing it to the libraries listed below

• mdsecactivebreach / CACTUSTORCH

  View on GitHub
  CACTUSTORCH: Payload Generation for Adversary Simulations
  ☆1,013Jul 3, 2018Updated 7 years ago
• MojtabaTajik / Robber

  View on GitHub
  Robber is open source tool for finding executables prone to DLL hijacking
  ☆785Jun 23, 2022Updated 3 years ago
• nettitude / PoshC2_Old

  View on GitHub
  Powershell C2 Server and Implants
  ☆574Nov 11, 2019Updated 6 years ago
• hlldz / Phant0m

  View on GitHub
  Windows Event Log Killer
  ☆1,810Sep 21, 2023Updated 2 years ago
• tyranid / DotNetToJScript

  View on GitHub
  A tool to create a JScript file which loads a .NET v2 assembly from memory.
  ☆1,316Jan 18, 2021Updated 5 years ago
• govolution / avet

  View on GitHub
  AntiVirus Evasion Tool
  ☆1,739Apr 23, 2025Updated 9 months ago
• monoxgas / sRDI

  View on GitHub
  Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
  ☆2,497Nov 15, 2023Updated 2 years ago
• Arno0x / NtlmRelayToEWS

  View on GitHub
  ntlm relay attack to Exchange Web Services
  ☆334Jan 15, 2018Updated 8 years ago
• bhdresh / lazykatz

  View on GitHub
  Lazykatz is an automation developed to extract credentials from remote targets protected with AV and/or application whitelisting software…
  ☆199Nov 19, 2017Updated 8 years ago
• SadProcessor / EmpireDog

  View on GitHub
  A collection of PowerShell Modules for BloodHound/Empire Orchestration
  ☆109Sep 26, 2017Updated 8 years ago
• mdsecactivebreach / SharpShooter

  View on GitHub
  Payload Generation Framework
  ☆1,956Aug 21, 2024Updated last year
• nccgroup / WMIcmd

  View on GitHub
  A command shell wrapper using only WMI for Microsoft Windows
  ☆334Jun 24, 2017Updated 8 years ago
• GreatSCT / GreatSCT

  View on GitHub
  The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool…
  ☆1,131Feb 10, 2021Updated 5 years ago
• mdsecactivebreach / RDPInception

  View on GitHub
  A proof of concept for the RDP Inception Attack
  ☆353Jun 29, 2017Updated 8 years ago
• ryhanson / ExternalC2

  View on GitHub
  A library for integrating communication channels with the Cobalt Strike External C2 server
  ☆290Nov 23, 2017Updated 8 years ago
• 0xbadjuju / Tokenvator

  View on GitHub
  A tool to elevate privilege with Windows Tokens
  ☆1,055Oct 6, 2023Updated 2 years ago
• BeetleChunks / redsails

  View on GitHub
  RedSails is a Python based post-exploitation project aimed at bypassing host based security monitoring and logging. DerbyCon 2017 Talk: h…
  ☆307Oct 18, 2017Updated 8 years ago
• BorjaMerino / Pazuzu

  View on GitHub
  Pazuzu: Reflective DLL to run binaries from memory
  ☆214Aug 4, 2020Updated 5 years ago
• Rvn0xsy / Cooolis-ms

  View on GitHub
  Cooolis-ms是一个包含了Metasploit Payload Loader、Cobalt Strike External C2 Loader、Reflective DLL injection的代码执行工具，它的定位在于能够在静态查杀上规避一些我们将要执行且含有特征的…
  ☆929Jan 7, 2026Updated last month
• rootclay / WMIHACKER

  View on GitHub
  A Bypass Anti-virus Software Lateral Movement Command Execution Tool
  ☆1,465Jan 20, 2025Updated last year
• sensepost / ruler

  View on GitHub
  A tool to abuse Exchange services
  ☆2,297Jun 10, 2024Updated last year
• threatexpress / malleable-c2

  View on GitHub
  Cobalt Strike Malleable C2 Design and Reference Guide
  ☆1,750Dec 13, 2023Updated 2 years ago
• GoFetchAD / GoFetch

  View on GitHub
  GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.
  ☆634Jun 20, 2017Updated 8 years ago
• brimstone / go-shellcode

  View on GitHub
  Load shellcode into a new process
  ☆769Jun 2, 2021Updated 4 years ago
• threatexpress / cs2modrewrite

  View on GitHub
  Convert Cobalt Strike profiles to modrewrite scripts
  ☆611Jan 30, 2023Updated 3 years ago
• 0x09AL / RdpThief

  View on GitHub
  Extracting Clear Text Passwords from mstsc.exe using API Hooking.
  ☆1,422Jul 20, 2024Updated last year
• gentilkiwi / kekeo

  View on GitHub
  A little toolbox to play with Microsoft Kerberos in C
  ☆1,505Dec 14, 2021Updated 4 years ago
• quickbreach / ExchangeRelayX

  View on GitHub
  An NTLM relay tool to the EWS endpoint for on-premise exchange servers. Provides an OWA for hackers.
  ☆305Sep 7, 2022Updated 3 years ago
• harleyQu1nn / AggressorScripts

  View on GitHub
  Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
  ☆1,529Jun 30, 2023Updated 2 years ago
• SpiderLabs / portia

  View on GitHub
  Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account ha…
  ☆502Aug 7, 2020Updated 5 years ago
• Kevin-Robertson / Invoke-TheHash

  View on GitHub
  PowerShell Pass The Hash Utils
  ☆1,716Dec 9, 2018Updated 7 years ago
• outflanknl / SharpHide

  View on GitHub
  Tool to create hidden registry keys.
  ☆491Oct 23, 2019Updated 6 years ago
• NytroRST / ShellcodeCompiler

  View on GitHub
  Shellcode Compiler
  ☆1,147Sep 1, 2024Updated last year
• darkr4y / geacon

  View on GitHub
  Practice Go programming and implement CobaltStrike's Beacon in Go
  ☆1,260Oct 2, 2020Updated 5 years ago
• 0x09AL / DNS-Persist

  View on GitHub
  DNS-Persist is a post-exploitation agent which uses DNS for command and control.
  ☆208Nov 20, 2017Updated 8 years ago
• FuzzySecurity / PowerShell-Suite

  View on GitHub
  My musings with PowerShell
  ☆2,705Nov 19, 2021Updated 4 years ago
• ReversecLabs / C3

  View on GitHub
  Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…
  ☆1,722Jan 16, 2026Updated 3 weeks ago
• Mr-Un1k0d3r / SCShell

  View on GitHub
  Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
  ☆1,594Jul 10, 2023Updated 2 years ago
• secretsquirrel / SigThief

  View on GitHub
  Stealing Signatures and Making One Invalid Signature at a Time
  ☆2,365Aug 11, 2021Updated 4 years ago