Alternatives and similar repositories for TibaneC2

Users that are interested in TibaneC2 are comparing it to the libraries listed below

• EvilBytecode / Ebyte-AMSI-ProxyInjector
  A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…
  ☆61Updated 8 months ago
• Maldev-Academy / Alphabetfuscation
  Convert your shellcode into an ASCII string
  ☆124Updated 6 months ago
• andreisss / Remote-DLL-Injection-with-Timer-based-Shellcode-Execution
  Remote DLL Injection with Timer-based Shellcode Execution
  ☆152Updated 5 months ago
• Aur3ns / LsassStealer
  Morpheus is an lsass stealer that extracts lsass.exe in RAM and exfiltrates it via forged and crypted NTP packets. For authorized testin…
  ☆122Updated 6 months ago
• absholi7ly / CVE-2025-0282-Ivanti-exploit
  CVE-2025-0282 is a critical vulnerability found in Ivanti Connect Secure, allowing Remote Command Execution (RCE) through a buffer overfl…
  ☆52Updated last year
• DarkSpaceSecurity / SSH-Stealer
  Smart keylogging capability to steal SSH Credentials including password & Private Key
  ☆150Updated 9 months ago
• Whitecat18 / earlycascade-injection
  Early cascade injection PoC based on Outflanks blog post written in Rust
  ☆68Updated 3 weeks ago
• CICADA8-Research / LogHunter
  Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)
  ☆77Updated last year
• Acucarinho / havoc-obfuscator
  Automated script for obfuscating, rebranding and renaming the Havoc C2 Framework to evade AV/EDR and C2 hunters.
  ☆46Updated 5 months ago
• SecTheBit / ZoomBotC2
  ☆57Updated 6 months ago
• 0xJs / EnumEDRs
  Enumerate active EDR's on the system
  ☆148Updated 3 months ago
• fin3ss3g0d / NativeThreadpool
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆88Updated last year
• Network-Sec / CVE-2025-21420-PoC
  We found a way to DLL sideload with cleanmgr.exe
  ☆96Updated 10 months ago
• hdks-bug / redteam-techniques
  Collection of red team techniques.
  ☆64Updated 8 months ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆52Updated 5 months ago
• 123ojp / GREtunnel-scanner
  This is a GRE PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion
  ☆92Updated 4 months ago
• EvilWhales / nightshade
  ☆35Updated 6 months ago
• 0xRedpoll / WhatsAppKeyBOF
  A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.
  ☆89Updated 10 months ago
• brosck / L1LKiller
  「⚠️」Performing a BYOVD on the truesight.sys driver
  ☆44Updated last year
• deriv-security / MeetC2
  (MeetC2 a.k.a Meeting C2) - A framework abusing Google Calendar APIs.
  ☆129Updated 4 months ago
• Leo4j / ShellGen
  PowerShell script to generate ShellCode in various formats
  ☆46Updated last year
• nbaertsch / AutoAppDomainHijack
  Automated .NET AppDomain hijack payload generation
  ☆128Updated 11 months ago
• Maldev-Academy / ElectronVulnScanner
  Automatically scan the file system to identify Electron applications vulnerable to ASAR tampering.
  ☆147Updated last month
• TwoSevenOneT / EDRStartupHinder
  EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.
  ☆99Updated this week
• EQSTLab / CVE-2024-46538
  PfSense Stored XSS lead to Arbitrary Code Execution exploit
  ☆49Updated last year
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆70Updated last year
• NUL0x4C / HookingLsassForCredentials
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆61Updated 8 months ago
• Nicolas-Arsenault / Havoc-C2-RCE-2024
  Abusing SSRF to deliver an authenticated command injection payload
  ☆30Updated 4 months ago
• SaadAhla / Anti-Sandbox
  ☆48Updated last month
• tijme / nimplant-beacon-position-independent-c-code
  A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.
  ☆66Updated 11 months ago