xct/xc external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

xct/xc

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/xct/xc)

Close

xct / xcView on GitHubMore

• External links
• Readme badge

A small reverse shell for Linux & Windows

☆623Jun 5, 2024Updated last year

Alternatives and similar repositories for xc

Users that are interested in xc are comparing it to the libraries listed below

• xct / rcat

  View on GitHub
  rcat
  ☆75Mar 7, 2022Updated 3 years ago
• xct / winpspy

  View on GitHub
  CLI monitor for windows process- & file activity
  ☆97Nov 20, 2020Updated 5 years ago
• antonioCoco / RoguePotato

  View on GitHub
  Another Windows Local Privilege Escalation from Service Account to System
  ☆1,150Jan 9, 2021Updated 5 years ago
• S3cur3Th1sSh1t / PowerSharpPack

  View on GitHub
  ☆1,669Apr 14, 2025Updated 10 months ago
• antonioCoco / RemotePotato0

  View on GitHub
  Windows Privilege Escalation from User to Domain Admin.
  ☆1,439Dec 18, 2022Updated 3 years ago
• itm4n / PrivescCheck

  View on GitHub
  Privilege Escalation Enumeration Script for Windows
  ☆3,697Jan 30, 2026Updated last month
• CravateRouge / bloodyAD

  View on GitHub
  BloodyAD is an Active Directory Privilege Escalation Framework
  ☆2,098Updated this week
• RedTeamPentesting / pretender

  View on GitHub
  Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.
  ☆1,263Dec 9, 2025Updated 2 months ago
• the-useless-one / pywerview

  View on GitHub
  A (partial) Python rewriting of PowerSploit's PowerView
  ☆1,101Jan 21, 2026Updated last month
• S3cur3Th1sSh1t / WinPwn

  View on GitHub
  Automation for internal Windows Penetrationtest / AD-Security
  ☆3,644Aug 28, 2025Updated 6 months ago
• Mr-Un1k0d3r / SCShell

  View on GitHub
  Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
  ☆1,606Jul 10, 2023Updated 2 years ago
• antonioCoco / ConPtyShell

  View on GitHub
  ConPtyShell - Fully Interactive Reverse Shell for Windows
  ☆1,188Jan 20, 2023Updated 3 years ago
• Flangvik / SharpCollection

  View on GitHub
  Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure …
  ☆2,779Feb 18, 2026Updated last week
• optiv / ScareCrow

  View on GitHub
  ScareCrow - Payload creation framework designed around EDR bypass.
  ☆2,874Aug 18, 2023Updated 2 years ago
• login-securite / lsassy

  View on GitHub
  Extract credentials from lsass remotely
  ☆2,178Dec 24, 2025Updated 2 months ago
• FuzzySecurity / StandIn

  View on GitHub
  StandIn is a small .NET35/45 AD post-exploitation toolkit
  ☆839Dec 2, 2023Updated 2 years ago
• wh0amitz / S4UTomato

  View on GitHub
  Escalate Service Account To LocalSystem via Kerberos
  ☆403Sep 14, 2023Updated 2 years ago
• Aetsu / OffensivePipeline

  View on GitHub
  OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team…
  ☆820Oct 27, 2023Updated 2 years ago
• login-securite / DonPAPI

  View on GitHub
  Dumping DPAPI credz remotely
  ☆1,328Mar 24, 2025Updated 11 months ago
• GhostPack / ForgeCert

  View on GitHub
  "Golden" certificates
  ☆710Aug 17, 2024Updated last year
• Dec0ne / DavRelayUp

  View on GitHub
  DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …
  ☆568Jun 5, 2023Updated 2 years ago
• NH-RED-TEAM / RustHound

  View on GitHub
  Active Directory data ingestor for BloodHound Legacy written in Rust. 🦀
  ☆1,128Oct 21, 2024Updated last year
• p0dalirius / Coercer

  View on GitHub
  A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
  ☆2,182Jan 5, 2026Updated last month
• antonioCoco / JuicyPotatoNG

  View on GitHub
  Another Windows Local Privilege Escalation from Service Account to System
  ☆939Nov 12, 2022Updated 3 years ago
• S3cur3Th1sSh1t / MultiPotato

  View on GitHub
  ☆540Nov 20, 2021Updated 4 years ago
• CCob / SweetPotato

  View on GitHub
  Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
  ☆1,812Sep 4, 2024Updated last year
• lefayjey / linWinPwn

  View on GitHub
  linWinPwn is a bash script that streamlines the use of a number of Active Directory tools
  ☆2,156Updated this week
• fortra / nanodump

  View on GitHub
  The swiss army knife of LSASS dumping
  ☆2,072Sep 17, 2024Updated last year
• antonioCoco / RunasCs

  View on GitHub
  RunasCs - Csharp and open version of windows builtin runas.exe
  ☆1,341Jul 12, 2024Updated last year
• ly4k / Certipy

  View on GitHub
  Tool for Active Directory Certificate Services enumeration and abuse
  ☆3,401Feb 18, 2026Updated last week
• 0xsp-SRD / mortar

  View on GitHub
  evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
  ☆1,498Dec 21, 2023Updated 2 years ago
• cube0x0 / KrbRelay

  View on GitHub
  Framework for Kerberos relaying
  ☆937May 29, 2022Updated 3 years ago
• Kevin-Robertson / Powermad

  View on GitHub
  PowerShell MachineAccountQuota and DNS exploit tools
  ☆1,438Jan 11, 2023Updated 3 years ago
• 61106960 / adPEAS

  View on GitHub
  Powershell tool to automate Active Directory enumeration.
  ☆1,284Sep 9, 2025Updated 5 months ago
• SnaffCon / Snaffler

  View on GitHub
  a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
  ☆2,737Feb 2, 2026Updated last month
• topotam / PetitPotam

  View on GitHub
  PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
  ☆2,179Aug 15, 2024Updated last year
• ShutdownRepo / pywhisker

  View on GitHub
  Python version of the C# tool for "Shadow Credentials" attacks
  ☆858Feb 14, 2026Updated 2 weeks ago
• zcgonvh / EfsPotato

  View on GitHub
  Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).
  ☆816Dec 14, 2023Updated 2 years ago
• Flangvik / NetLoader

  View on GitHub
  Loads any C# binary in mem, patching AMSI + ETW.
  ☆839Oct 3, 2021Updated 4 years ago