whokilleddb/ClickForClickOnce external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

whokilleddb/ClickForClickOnce

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/whokilleddb/ClickForClickOnce)

Close

whokilleddb / ClickForClickOnceView on GitHubMore

• External links
• Readme badge

ClickForClickOnce - Generate configurable clickonce payloads

☆91Oct 10, 2025Updated 5 months ago

Alternatives and similar repositories for ClickForClickOnce

Users that are interested in ClickForClickOnce are comparing it to the libraries listed below

• 0xbbuddha / notion

  View on GitHub
  Notion C2 Profile for Mythic
  ☆35Mar 3, 2026Updated 2 weeks ago
• S12cybersecurity / FrankensteinAPCInjection

  View on GitHub
  Novel Windows process injection: assembles existing open handles (process & thread), natural RWX regions, and special user APC (NtQueueAp…
  ☆66Feb 17, 2026Updated last month
• rxOred / process-hollowing

  View on GitHub
  process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread
  ☆31Jan 9, 2022Updated 4 years ago
• susMdT / ForsHops

  View on GitHub
  ForsHops
  ☆59Mar 25, 2025Updated 11 months ago
• Logisek / AzureADEnumeration

  View on GitHub
  Microsoft Entra ID (Azure AD) Unauthenticated Enumeration
  ☆69Feb 5, 2026Updated last month
• decoder-it / KrbRelayEx-RPC

  View on GitHub
  ☆198Mar 28, 2025Updated 11 months ago
• g0h4n / dende-rs

  View on GitHub
  Monitoring tool to detect patterns or IOCs (strings, regex, VirusTotal) and alert you and your team via console, Telegram or SMS written …
  ☆18Feb 17, 2026Updated last month
• Cobalt-Strike / eden

  View on GitHub
  A PoC UDRL for Cobalt Strike built with Crystal Palace that combines Raphael Mudge's page streaming technique with a modular call gate (D…
  ☆107Jan 21, 2026Updated last month
• NtDallas / Huginn

  View on GitHub
  ☆77Feb 12, 2026Updated last month
• Whitecat18 / static_encrypt

  View on GitHub
  Static Encrypt is an crate that encrypts string literals at compile time and only decrypted at runtime when needed.
  ☆58Jan 17, 2026Updated 2 months ago
• MaangoTaachyon / SelfDeletion-Updated

  View on GitHub
  Updated version of a long known self deletion technique to work with 24H2.
  ☆61Jun 9, 2025Updated 9 months ago
• JeanBonBeurre34 / cc-agent

  View on GitHub
  ☆28Updated this week
• demonpy / Rat-Binder

  View on GitHub
  bind your malware or reverse shell into any file (jpg - jpeg - txt - mp4 or any format ;) )
  ☆10Mar 26, 2019Updated 6 years ago
• two06 / SharpShot

  View on GitHub
  Capture screenshots from .NET using .NET methods or Windows API calls
  ☆66Mar 9, 2020Updated 6 years ago
• Ridter / netsync

  View on GitHub
  Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.
  ☆62Feb 25, 2025Updated last year
• t3hbb / citrixphishlet

  View on GitHub
  Citrix Phishlet
  ☆24Feb 2, 2021Updated 5 years ago
• rasta-mouse / Crystal-Loaders

  View on GitHub
  A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike
  ☆193Oct 29, 2025Updated 4 months ago
• gatariee / minrm

  View on GitHub
  a minimalistic winrm client written in python
  ☆25Mar 6, 2026Updated 2 weeks ago
• synacktiv / sccmsqlclient

  View on GitHub
  ☆26Aug 5, 2025Updated 7 months ago
• Tylous / FaceDancer

  View on GitHub
  FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi…
  ☆407Sep 26, 2024Updated last year
• cybersecua / CyberStrikeAI

  View on GitHub
  CyberStrikeAI is an AI-native security testing platform built in Go. It integrates 100+ security tools, an intelligent orchestration engi…
  ☆36Mar 10, 2026Updated last week
• techenthusiast167 / Phisher

  View on GitHub
  Professional Phishing Awareness & Cybersecurity Education Platform
  ☆24Oct 17, 2025Updated 5 months ago
• pard0p / Self-Cleaning-PICO-Loader

  View on GitHub
  Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …
  ☆51Nov 2, 2025Updated 4 months ago
• panagioto / SyscallHide

  View on GitHub
  Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.
  ☆79Feb 27, 2020Updated 6 years ago
• NtDallas / MemLoader

  View on GitHub
  Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible
  ☆271Jun 18, 2025Updated 9 months ago
• Xanthorox / Fusion-Crypter

  View on GitHub
  An simple crypter made with Xanthorox AI for Testing v5 pro capabilities
  ☆40Feb 11, 2026Updated last month
• c0rdyc3ps / ScrappyDoo

  View on GitHub
  Opengraph-Compatible JSON Generator for BloodHound
  ☆27Jan 12, 2026Updated 2 months ago
• inzlain / sameuser

  View on GitHub
  Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual
  ☆14Jul 13, 2022Updated 3 years ago
• invictus-0x90 / Docker-C3

  View on GitHub
  Example of running C3 (https://github.com/FSecureLABS/C3) in a Docker container
  ☆27Oct 24, 2021Updated 4 years ago
• 0xEr3bus / PoolPartyBof

  View on GitHub
  A beacon object file implementation of PoolParty Process Injection Technique.
  ☆436Dec 21, 2023Updated 2 years ago
• zero2504 / COMouflage

  View on GitHub
  COM-based DLL Surrogate Injection
  ☆142Dec 9, 2025Updated 3 months ago
• iilegacyyii / DataInject-BOF

  View on GitHub
  Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll
  ☆150Apr 18, 2025Updated 11 months ago
• nopbrick / CobaltStrike-Redirector

  View on GitHub
  C2 redirector as a web API
  ☆10May 22, 2021Updated 4 years ago
• nccgroup / mimikatz-detector-busylight

  View on GitHub
  USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec…
  ☆21Sep 6, 2022Updated 3 years ago
• fern89 / ghostwriting-2

  View on GitHub
  A process injection technique using only thread context manipulation
  ☆41Dec 18, 2023Updated 2 years ago
• EvanMcBroom / fuse-loader

  View on GitHub
  Load a dynamic library from memory using a fuse mount
  ☆31Sep 15, 2023Updated 2 years ago
• Tylous / Slides

  View on GitHub
  ☆39Apr 23, 2024Updated last year
• 0xTriboulet / emerald_template

  View on GitHub
  A cmake template for crystal palace
  ☆39Dec 20, 2025Updated 3 months ago
• 0xsch1zo / NullGate

  View on GitHub
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆166Jul 30, 2025Updated 7 months ago