Alternatives and similar repositories for mythic_mcp

Users that are interested in mythic_mcp are comparing it to the libraries listed below

• 0xTriboulet / T-70

  View on GitHub
  A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system
  ☆40Oct 30, 2024Updated last year
• atomicchonk / roadrecon_mcp_server

  View on GitHub
  Claude MCP server to perform analysis on ROADrecon data
  ☆48Mar 30, 2025Updated 10 months ago
• whokilleddb / sinister-vsix

  View on GitHub
  Blog/Journal on how to backdoor VSCode extensions
  ☆76Updated this week
• NtDallas / Draugr

  View on GitHub
  BOF with Synthetic Stackframe
  ☆220Oct 30, 2025Updated 3 months ago
• ZERODETECTION / Havoc_Demon_API_Hashing

  View on GitHub
  Rehashing APIs to prevent hash based detection
  ☆14Jan 7, 2025Updated last year
• Meowmycks / koneko

  View on GitHub
  Robust Cobalt Strike shellcode loader with multiple advanced evasion features
  ☆199Apr 21, 2025Updated 9 months ago
• Faran-17 / Hellshazzard

  View on GitHub
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆84Aug 13, 2024Updated last year
• 0xNinjaCyclone / EarlyCascade

  View on GitHub
  A PoC for Early Cascade process injection technique.
  ☆208Jan 30, 2025Updated last year
• ameenalkerdy / ETWShellcodeLoader

  View on GitHub
  Shellcode Loader Utilizing ETW Events
  ☆67Feb 26, 2025Updated 11 months ago
• silentwarble / hbin_template

  View on GitHub
  Post-Ex BOF tooling for Hannibal
  ☆24Nov 20, 2024Updated last year
• silentwarble / Hannibal

  View on GitHub
  Mythic C2 Agent written in x64 PIC C
  ☆84Jan 29, 2025Updated last year
• dmcxblue / PyObscura

  View on GitHub
  A python script that automates a C2 Profile build
  ☆48Dec 14, 2025Updated 2 months ago
• dunderhay / git-rotate

  View on GitHub
  Leveraging GitHub Actions to rotate IP addresses during password spraying attacks to bypass IP-Based blocking
  ☆148May 23, 2024Updated last year
• Teach2Breach / dll2shell

  View on GitHub
  converts sRDI compatible dlls to shellcode
  ☆35Jan 20, 2025Updated last year
• fin3ss3g0d / StoneKeeper

  View on GitHub
  StoneKeeper C2, an experimental EDR evasion framework for research purposes
  ☆208Dec 25, 2024Updated last year
• MythicAgents / nemesis

  View on GitHub
  Nemesis agent for Mythic
  ☆28Dec 11, 2025Updated 2 months ago
• tijme / relocatable

  View on GitHub
  Boilerplate to develop raw and truly Position Independent Code (PIC).
  ☆116Jan 20, 2025Updated last year
• CroodSolutions / BypassIT

  View on GitHub
  BypassIT is a framework for covert malware delivery and post-exploitation using AutoIT for red / blue team self assessment.
  ☆45Jul 6, 2025Updated 7 months ago
• garrettfoster13 / ldap_bofs

  View on GitHub
  Random BOFs for LDAP tradecraft
  ☆72Sep 9, 2025Updated 5 months ago
• wcrooker / PhishHook

  View on GitHub
  A modern GoPhish fork with improved tracking accuracy and smarter detection.
  ☆78Feb 6, 2026Updated last week
• silentwarble / PIC-Library

  View on GitHub
  A collection of position independent coding resources
  ☆107Nov 15, 2025Updated 3 months ago
• mubix / redteam-collab

  View on GitHub
  Red Team Collaboration Infrastructure
  ☆98Apr 24, 2025Updated 9 months ago
• rbmm / SDD2

  View on GitHub
  Self delete DLL (2)
  ☆14Feb 15, 2024Updated 2 years ago
• froyo75 / SpREaD

  View on GitHub
  A collection of Terraform projects, Ansible playbooks, and roles designed to build a Red Team infrastructure.
  ☆18Jan 3, 2026Updated last month
• JCSteiner / Emperor-Public

  View on GitHub
  Payload Generation Workflow
  ☆40Jul 18, 2025Updated 6 months ago
• Kryp7os / SharpRBCD

  View on GitHub
  An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD
  ☆49Mar 10, 2025Updated 11 months ago
• hasherezade / waiting_thread_hijacking

  View on GitHub
  Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread
  ☆262Aug 31, 2025Updated 5 months ago
• Shrfnt77 / AmsiBypass

  View on GitHub
  Bypassing Amsi using LdrLoadDll
  ☆47Jan 8, 2025Updated last year
• us-cyber-team / nim_for_hackers2

  View on GitHub
  slides for talk given during uscg 2023 combine
  ☆38Sep 6, 2023Updated 2 years ago
• GhostPack / RAGnarok

  View on GitHub
  A Nemesis powered Retrieval-Augmented Generation (RAG) chatbot proof-of-concept.
  ☆70Aug 4, 2025Updated 6 months ago
• mez-0 / offensive-groovy

  View on GitHub
  Groovy Post Exploitation
  ☆20Oct 21, 2024Updated last year
• GoSecure / prompt

  View on GitHub
  AI-based implant feature
  ☆25Apr 28, 2025Updated 9 months ago
• kozmer / aad-bofs

  View on GitHub
  ☆137Nov 17, 2025Updated 2 months ago
• EricEsquivel / OpsLoader

  View on GitHub
  A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader
  ☆45Sep 25, 2024Updated last year
• Teach2Breach / phantom_persist_rs

  View on GitHub
  Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence
  ☆63Jun 23, 2025Updated 7 months ago
• boku7 / patchwerk

  View on GitHub
  BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)
  ☆195Feb 6, 2025Updated last year
• 0xHossam / HuffLoader

  View on GitHub
  Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.
  ☆282Apr 6, 2025Updated 10 months ago
• Octoberfest7 / zip_smuggling

  View on GitHub
  Python3 utility for creating zip files that smuggle additional data for later extraction
  ☆264May 15, 2025Updated 9 months ago
• Teach2Breach / early_cascade_inj_rs

  View on GitHub
  early cascade injection PoC based on Outflanks blog post, in rust
  ☆62Nov 8, 2024Updated last year