Alternatives and similar repositories for C2-Tool-Collection

Users that are interested in C2-Tool-Collection are comparing it to the libraries listed below

• synacktiv / OUned
  The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning
  ☆154Updated last month
• Sh4N4C1 / sh4loader
  ☆29Updated last year
• 3lp4tr0n / RemoteMonologue
  Weaponizing DCOM for NTLM Authentication Coercions
  ☆175Updated last month
• synacktiv / CVE-2024-43468
  ☆94Updated 11 months ago
• decoder-it / KrbRelay-SMBServer
  ☆230Updated last year
• Offensive-Panda / LsassReflectDumping
  This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…
  ☆208Updated last year
• decoder-it / printerbugnew
  The DCERPC only printerbug.py version
  ☆179Updated last month
• OleFredrik1 / remoteKrbRelayx
  A tool for coercing and relaying Kerberos authentication over DCOM and RPC.
  ☆141Updated 4 months ago
• MrAle98 / chisel
  A fast TCP/UDP tunnel over HTTP
  ☆23Updated 11 months ago
• gsmith257-cyber / better-sliver
  Adversary Emulation Framework
  ☆128Updated 5 months ago
• zimedev / certipy-merged
  Tool for Active Directory Certificate Services enumeration and abuse
  ☆163Updated 7 months ago
• cisagov / snafflepy
  Snaffler reimplementation in Python - https://github.com/SnaffCon/Snaffler
  ☆114Updated 5 months ago
• mallo-m / Cpp-ExecAssembly
  C++ Reflective Assembly Loader
  ☆29Updated 9 months ago
• mandiant / ccmpwn
  ☆215Updated last year
• SpecterOps / cred1py
  A Python POC for CRED1 over SOCKS5
  ☆161Updated last year
• ibaiC / BadSuccessor
  A PoC for the dMSA Active Directory Domain Takeover deemed BadSuccessor
  ☆44Updated 4 months ago
• CompassSecurity / bloodhoundce-resources
  ☆85Updated 2 weeks ago
• Thunter-HackTeam / EvilentCoerce
  ☆152Updated 7 months ago
• decoder-it / KrbRelayEx-RPC
  ☆197Updated 8 months ago
• BC-SECURITY / IronSharpPack
  IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…
  ☆118Updated last year
• kfallahi / UnderlayCopy
  PowerShell toolkit that extracts locked Windows files (SAM, SYSTEM, NTDS, ...) using MFT parsing and raw disk reads
  ☆227Updated last month
• Flangvik / ObfuscatedSharpCollection
  Attempt at Obfuscated version of SharpCollection
  ☆234Updated last month
• nromsdahl / squarephish2
  OAuth Device Code Phishing Toolkit
  ☆95Updated 3 months ago
• sensepost / susinternals
  psexecsvc - a python implementation of PSExec's native service implementation
  ☆226Updated 10 months ago
• SpecterOps / MSSQLHound
  PowerShell collector for adding MSSQL attack paths to BloodHound with OpenGraph
  ☆272Updated last month
• rtecCyberSec / RAITrigger
  Local SYSTEM auth trigger for relaying
  ☆167Updated 4 months ago
• sud0Ru / NauthNRPC
  Enumerate Domain Users Without Authentication
  ☆278Updated 7 months ago
• CCob / gssapi-abuse
  A tool for enumerating potential hosts that are open to GSSAPI abuse within Active Directory networks
  ☆183Updated 4 months ago
• amauricio / junkshell
  ☆73Updated 9 months ago
• login-securite / conpass
  Continuous password spraying tool
  ☆197Updated last week