Alternatives and similar repositories for LummaC2-Stealer:

Users that are interested in LummaC2-Stealer are comparing it to the libraries listed below

• Mazzy-Stars / lain_c2
  command control framework
  ☆20Updated this week
• HulkOperator / AuthStager
  ☆54Updated 5 months ago
• winsecurity / AMSI-Bypass-HWBP
  ☆20Updated 3 weeks ago
• MatheuZSecurity / Imperius
  Make an Linux Kernel rootkit visible again.
  ☆47Updated last month
• gemini-security / GithubC2
  ☆28Updated last year
• ProcessusT / EnumSSN
  Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…
  ☆20Updated last year
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆30Updated last year
• patrickhener / invictus
  OSED Practice binary
  ☆24Updated last year
• EvilBytecode / PPID-Spoofing
  Parent Process ID Spoofing, coded in CGo.
  ☆22Updated 9 months ago
• Offensive-Panda / .NET_PROFILER_DLL_LOADING
  .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…
  ☆41Updated 8 months ago
• syncwithali / HavocExploit
  A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc.
  ☆35Updated last year
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆24Updated 6 months ago
• horizon3ai / CVE-2024-9465
  Proof of Concept Exploit for CVE-2024-9465
  ☆29Updated 5 months ago
• zer1t0 / keydump
  Dump Linux keyrings
  ☆17Updated 8 months ago
• Whitecat18 / earlycascade-injection
  Early cascade injection PoC based on Outflanks blog post written in Rust
  ☆53Updated last month
• matro7sh / havoc-gosecdump
  ☆17Updated 4 months ago
• zimnyaa / smbsocks
  A simple rpc2socks alternative in pure Go.
  ☆28Updated 8 months ago
• attl4s / freeMetsrvLoader
  freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package
  ☆33Updated 2 years ago
• I3IT / Detect.Remote.ShadowSnapshot.Dump
  Detect Remote Local Credentials Dumping using a Shadow Snapshot
  ☆21Updated 2 months ago
• knight0x07 / NailaoLoader-Hiding-Execution-Flow
  NailaoLoader: Hiding Execution Flow via Patching
  ☆19Updated last month
• xforcered / DayBird
  Extension functionality for the NightHawk operator client
  ☆27Updated last year
• Und3rf10w / CobaltStrikeBOFs
  Beacon Object Files used for Cobalt Strike
  ☆17Updated last year
• sinsinology / CVE-2024-5009
  Exploit for CVE-2024-5009
  ☆13Updated 8 months ago
• watchtowrlabs / CVE-2025-0282
  Ivanti Connect Secure IFT TLS Stack Overflow pre-auth RCE (CVE-2025-0282)
  ☆22Updated 2 months ago
• knight0x07 / WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
  Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)
  ☆40Updated last year
• atabetnouhaila / API-hashing
  ☆18Updated 5 months ago
• ACE-Responder / Empire-C2-RCE-PoC
  RCE PoC for Empire C2 framework <5.9.3
  ☆26Updated last year
• decoder-it / DFSCoerce-exe-2
  DFSCoerce exe revisited version with custom authentication
  ☆38Updated last year
• PetrusViet / CVE-2023-38743
  ManageEngine ADManager Command Injection
  ☆11Updated last year
• 0xjessie21 / CVE-2025-24016
  CVE-2025-24016: Wazuh Unsafe Deserialization Remote Code Execution (RCE)
  ☆33Updated last month