Alternatives and similar repositories for ControlSTUDIO

Users that are interested in ControlSTUDIO are comparing it to the libraries listed below

• Adaptix-Framework / templates-extender
  Templates for developing your own listeners and agents for AdaptixC2.
  ☆41Updated last week
• ZSECURE / zDocker-cobaltstrike
  Docker container for running CobaltStrike 4.10
  ☆37Updated last year
• xelemental / Mal-LNK-Generator
  ☆38Updated 9 months ago
• decoder-it / Troopers24
  ☆43Updated last year
• eversinc33 / UnXorStringsNet
  Deobfuscation of XorStringsNet
  ☆14Updated last year
• 123ojp / GREtunnel-scanner
  This is a GRE PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion
  ☆90Updated 4 months ago
• 0xB455 / ActiveSyncBruter
  ☆26Updated 10 months ago
• sensepost / goLAPS
  Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
  ☆86Updated 10 months ago
• whokilleddb / SOAPHound
  SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…
  ☆33Updated last year
• D4rthMaulCop / DumpKernel-S1
  A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80
  ☆21Updated 9 months ago
• Xenov-X / csbot
  Golang Automation Framework for Cobalt Strike using the Rest API
  ☆56Updated last month
• zarkones / netescape
  Malware traffic obfuscation library
  ☆39Updated 5 months ago
• mubix / Find-WSUS
  Helps defenders find their WSUS configurations in the wake of CVE-2025-59287
  ☆44Updated 2 months ago
• skelsec / adiskreader-secretsdump
  Extract registry and NTDS secrets from local or remote disk images
  ☆45Updated 9 months ago
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆35Updated 2 years ago
• OOAFA / squeegee
  A collection of tools using OCR to extract potential usernames from RDP screenshots.
  ☆30Updated last year
• HullaBrian / COMmander
  .NET tool used to enrich RPC telemetry
  ☆101Updated 6 months ago
• MaorSabag / impacket-jump
  Remote service-staging tool built on Impacket, designed for BOF-style lateral movement workflows that lets you upload custom service load…
  ☆111Updated last month
• Acucarinho / havoc-obfuscator
  Automated script for obfuscating, rebranding and renaming the Havoc C2 Framework to evade AV/EDR and C2 hunters.
  ☆47Updated 4 months ago
• kypvas / LDIFToBloodHound
  A Windows tool that converts LDIF files to BloodHound CE
  ☆23Updated 2 weeks ago
• ASP4RUX / bypassEDR-AV
  ☆59Updated last year
• HulkOperator / AuthStager
  ☆59Updated last year
• nullenc0de / trust-validator
  Validates priv escalation of AD trusts
  ☆48Updated 9 months ago
• kapellos / LNKSmuggler
  A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.
  ☆90Updated 11 months ago
• mlcsec / SigFinder
  Identify binaries with Authenticode digital signatures signed to an internal CA/domain
  ☆40Updated last year
• outflanknl / RedELK-workshop
  Items related to the RedELK workshop given at security conferences
  ☆29Updated 2 years ago
• Logisek / CalcOrItDidntHappen
  A curated collection of Living off the Land (LotL) attack demonstrations where trusted binaries go rogue, because if it didn’t launch cal…
  ☆33Updated 2 months ago
• CorvraLabs / EvilNeko
  ☆53Updated this week
• 0xv1n / Havoc-ProfileGenerator
  malleable profile generator GUI for Havoc
  ☆55Updated 2 years ago
• jfjallid / go-lsass
  Tool to aid in dumping LSASS process remotely
  ☆42Updated 3 months ago