Alternatives and similar repositories for NetRunners

Users that are interested in NetRunners are comparing it to the libraries listed below

• 808ale / CipherRun
  CipherRun is an ethical hacking tool used to execute shellcode easily while bypassing antivirus solutions.
  ☆12Updated last year
• eversinc33 / CredGuess
  Generate password spraying lists based on the pwdLastSet-attribute of users.
  ☆55Updated last year
• whokilleddb / SOAPHound
  SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…
  ☆33Updated last year
• smokeme / ansible-havoc
  Scripts I use to deploy Havoc on Linode and setup categorization and SSL
  ☆42Updated last year
• GeorgePatsias / AskCreds-CS
  A BOF tool that can be used to collect passwords using CredUIPromptForWindowsCredentialsName.
  ☆16Updated 3 years ago
• 0xAbdullah / Offensive-Snippets
  A repository with my code snippets for research/education purposes.
  ☆52Updated 2 years ago
• lefayjey / SharpSQLPwn
  C# tool to identify and exploit weaknesses within MSSQL instances in Active Directory environments
  ☆113Updated 3 years ago
• Leo4j / PowerDACL
  A tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs)
  ☆60Updated 4 months ago
• The-Viper-One / Invoke-PassTheCert
  Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel
  ☆49Updated 7 months ago
• susMdT / SharpAgent
  C# havoc implant
  ☆101Updated 2 years ago
• SecTheBit / MalDevelopment
  All my POC related to malware development
  ☆14Updated last year
• eversinc33 / SharpStartWebclient
  Programmatically start WebClient from an unprivileged session to enable that juicy privesc.
  ☆76Updated 2 years ago
• RayRRT / Active-Directory-Certificate-Services-abuse
  ☆52Updated 3 years ago
• p4p1 / havoc-reporter
  A havoc UI python module to help in reporting and vulnerabilities to exploit on an internal network.
  ☆14Updated 2 years ago
• Leo4j / Find-LocalAdminAccess
  Check the Domain for Local Admin Access
  ☆18Updated 9 months ago
• Workingdaturah / BOF-Learning
  Cobalt Strike BOFS
  ☆16Updated last year
• skelsec / adiskreader-secretsdump
  Extract registry and NTDS secrets from local or remote disk images
  ☆44Updated 8 months ago
• ASP4RUX / bypassEDR-AV
  ☆59Updated last year
• Leo4j / Invoke-ShareHunter
  Enumerate the Domain for Readable and Writable Shares
  ☆22Updated last week
• ghost-ng / slinger
  An impacket-lite cli tool that combines many useful impacket functions using a single session.
  ☆56Updated last month
• 0xe7 / PowerSploit
  PowerSploit - A PowerShell Post-Exploitation Framework
  ☆42Updated 7 months ago
• jojonas / SharpSAMDump
  SAM Dumping in C#
  ☆54Updated 10 months ago
• gatariee / locate-bof
  A BOF for lazy people
  ☆23Updated last year
• NotMedic / Invoke-Nanodump
  HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection
  ☆56Updated 3 years ago
• aress31 / clm-rout
  A C# program featuring an all-in-one bypass for CLM, AppLocker and AMSI using Runspace.
  ☆21Updated 3 years ago
• OffsecDeer / TargetedTimeroast
  Tamper Active Directory user attributes to collect their hashes with MS-SNTP
  ☆41Updated 10 months ago
• n0tspam / RunspaceLoader
  Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe
  ☆13Updated last year
• 0xb11a1 / sliver_extension_uac_bypass_cmstp
  Sliver extension to bypass UAC via cmstp written in rust
  ☆32Updated last year
• Yeeb1 / SharpLansweeperDecrypt
  Automatically extract and decrypt all configured scanning credentials of a Lansweeper instance.
  ☆40Updated 11 months ago
• thelikes / sharpsh
  C# .Net Framework program that uses RunspaceFactory for Powershell command execution.
  ☆21Updated 3 years ago