Alternatives and similar repositories for WonkaVision

Users that are interested in WonkaVision are comparing it to the libraries listed below

• QueenSquishy / plague
  Default Detections for EDR
  ☆96Updated last year
• LaresLLC / OffensiveSysAdmin
  A collection of tools Neil and Andy have been working on released in one place and interlinked with previous tools
  ☆88Updated last year
• pgormanDS / hash_spider
  A module for CME that spiders across a domain.
  ☆35Updated 2 years ago
• Qazeer / FarsightAD
  PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …
  ☆95Updated last year
• AssuranceMaladieSec / FoxTerrier
  Python tool to find vulnerable AD object and generating csv report
  ☆26Updated 2 years ago
• ACE-Responder / ace-proctree
  Create a cool process tree like https://twitter.com/ACEResponder.
  ☆35Updated 2 years ago
• Pascal-0x90 / sideloadr
  Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).
  ☆57Updated 2 years ago
• roobixx / EventLogForRedTeams
  Simple PoC from Malicious Payload Injection from Windows Event Log Entry
  ☆27Updated 2 years ago
• lkarlslund / hashmuncher
  Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later
  ☆91Updated 2 years ago
• secureworks / TokenMan
  ☆100Updated 2 years ago
• mlcsec / SharpGraphView
  Microsoft Graph API post-exploitation toolkit
  ☆94Updated 11 months ago
• BCHarrell / redteamcmm
  ☆57Updated last year
• bagelByt3s / ludus_adfs
  An Ansible collection that installs an ADFS deployment with optional configurations.
  ☆39Updated 6 months ago
• rvrsh3ll / Azure-App-Tools
  Collection of tools to use with Azure Applications
  ☆109Updated last year
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆94Updated 2 years ago
• bouj33boy / Domain-Persistence-Detection-Triage-and-Recovery-SO-CON-2024
  Resources Links for the Research Based on Josh Prager and Nico Shyne's
  ☆13Updated 8 months ago
• Hagrid29 / AbuseAzureAPIPermissions
  Abuse Azure API permissions for red teaming
  ☆67Updated 2 years ago
• doredry / TokenFinder
  Tool to extract powerful tokens from Office desktop apps memory
  ☆71Updated last year
• cybergoatpsyops / detections
  Placeholder for my detection repo and misc detection engineering content
  ☆42Updated last year
• PwnDefend / Active_Directory_ADSI_Audit_Powershell
  blame Huy
  ☆42Updated 4 years ago
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆77Updated last year
• ustayready / ShredHound
  Small utility to chunk up a large BloodHound JSON file into smaller files for importing.
  ☆94Updated 2 years ago
• Mr-B0b / BloodCheck
  BloodCheck enables Red and Blue Teams to manage multiple Neo4j databases and run Cypher queries against a BloodHound dataset.
  ☆17Updated 4 years ago
• morRubin / AzureADJoinedMachinePTC
  Tool to perform lateral movement between AAD joined devices
  ☆61Updated 3 years ago
• techBrandon / CAPs
  Scripts to enumerate and report on Entra Conditional Access
  ☆32Updated last month
• bitsadmin / chophound
  Some scripts to support with importing large datasets into BloodHound
  ☆80Updated last year
• kiwids0220 / deviceCode2WinHello
  A small script that automates Entra ID persistence with Windows Hello For Business key
  ☆57Updated 4 months ago
• fozavci / TradecraftDevelopment-Fundamentals
  Tradecraft Development Fundamentals
  ☆40Updated 3 years ago
• outflanknl / Training-MSOfficeOffensiveTradecraft
  Info related to the Outflank training: Microsoft Office Offensive Tradecraft
  ☆52Updated last year
• 0xe7 / PowerSploit
  PowerSploit - A PowerShell Post-Exploitation Framework
  ☆42Updated 3 months ago