Alternatives and similar repositories for LummaC2-Stealer:

Users that are interested in LummaC2-Stealer are comparing it to the libraries listed below

• HulkOperator / AuthStager
  ☆54Updated 6 months ago
• K3rnel-Dev / MisterioLNK
  LNK-Dropper Builder
  ☆22Updated 3 weeks ago
• knight0x07 / DarkGate-Install-Script-via-DNS-TXT-Record
  PoC showcasing new DarkGate Install Script retrieval technique via DNS TXT Record
  ☆41Updated last year
• FarghlyMal / leaked_src
  some leaked src code for known and unknown malwares
  ☆21Updated 3 weeks ago
• Leo4j / ShellGen
  PowerShell script to generate ShellCode in various formats
  ☆41Updated 7 months ago
• 0xEr3bus / ShadowForgeC2
  ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.
  ☆47Updated last year
• syncwithali / HavocExploit
  A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc.
  ☆35Updated last year
• EvilBytecode / PPID-Spoofing
  Parent Process ID Spoofing, coded in CGo.
  ☆21Updated this week
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆55Updated 8 months ago
• EvilBytecode / Ntdll-Unhook
  Unhook Ntdll.dll, Go & C++.
  ☆21Updated this week
• EvilBytecode / Amsi-Patch-Updated-2025
  How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.
  ☆13Updated this week
• gemini-security / GithubC2
  ☆28Updated last year
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆59Updated 8 months ago
• Offensive-Panda / .NET_PROFILER_DLL_LOADING
  .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…
  ☆41Updated 8 months ago
• ACE-Responder / Empire-C2-RCE-PoC
  RCE PoC for Empire C2 framework <5.9.3
  ☆26Updated last year
• ProcessusT / EnumSSN
  Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…
  ☆20Updated last year
• trevorsaudi / Zero-Import-Malware
  Small project looking into how we can build malware with zero-imports by dynamically resolving windows APIs using GetProcAddress and GetM…
  ☆38Updated last year
• tehstoni / tryharder
  C++ Staged Shellcode Loader with Evasion capabilities.
  ☆92Updated 6 months ago
• MatheuZSecurity / Imperius
  Make an Linux Kernel rootkit visible again.
  ☆50Updated last month
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆27Updated last year
• frkngksl / UnlinkDLL
  DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
  ☆57Updated last year
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆31Updated last year
• winsecurity / AMSI-Bypass-HWBP
  ☆21Updated last month
• brosck / Rebellion
  「⚔️」Ring 0 Rootkit for Linux Kernels x86/x86_64 5.x/6.x
  ☆23Updated 2 weeks ago
• LambdaMamba / LenaMalwareAnalysis
  Lena's scripts/code/resources for malware analysis
  ☆26Updated 10 months ago
• casp3r0x0 / CortexRansomBypass
  Cortex EDR Ransomware protection Bypass
  ☆21Updated 2 months ago
• Mazzy-Stars / lain_c2
  command control framework
  ☆21Updated 2 weeks ago
• 0x11DFE / file-unpumper
  Tool that can be used to trim useless things from a PE file such as the things a file pumper would add.
  ☆26Updated 3 weeks ago
• 0xTriboulet / T-70
  A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system
  ☆39Updated 5 months ago
• NexusFuzzy / redline_config
  Tool to retrieve Config from Redline C2 servers
  ☆16Updated 2 years ago