Active Directory forensic framework
☆16May 18, 2026Updated last month
Alternatives and similar repositories for ntdsxtract
Users that are interested in ntdsxtract are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- modified mssqlclient from impacket to extract policies from the SCCM database☆47Feb 24, 2026Updated 4 months ago
- Reimplementing Havoc Pro Runtime Channel Switching and Cobalt Strike UDC2 features.☆46Jun 23, 2026Updated 3 weeks ago
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆107Jan 10, 2026Updated 6 months ago
- A portable C# utility for enumerating local and remote windows sessions☆57Jan 1, 2026Updated 6 months ago
- Adaptix C2 extender to support Cobalt Strike Malleable C2 profiles☆47Jun 28, 2026Updated 2 weeks ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs)☆62Feb 4, 2026Updated 5 months ago
- A tool for detecting subdomain takeover vulnerabilities by checking DNS records☆33May 28, 2026Updated last month
- NØW is a word-based shellcode encoding and obfuscation tool that transforms raw shellcode bytes into natural-looking English prose.☆68Jun 24, 2026Updated 2 weeks ago
- Demonstrating 3 persistence layers from a single EXE, that converts itself into proxy DLLs at runtime☆94Mar 29, 2026Updated 3 months ago
- Tor transport bridge for Sliver C2 - anonymous command and control☆52Jan 20, 2026Updated 5 months ago
- Polymorphic AV/AMSI bypass toolkit - Donut shellcode runner for offensive .NET/PE tools☆36May 26, 2026Updated last month
- Dockerized template to build CS BOFs using clang-cl☆26Jan 29, 2026Updated 5 months ago
- open source implementation of the UDC2 spec used in Cobalt Strike☆54Jul 4, 2026Updated last week
- Object file loader implemented as a post-ex DLL for asynchronous BOF execution.☆29Jun 15, 2026Updated 3 weeks ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- DynLoader A modular Windows loader focused on EDR evasion Built with indirect syscall (Tartarus Gate / Hell’s Gate), Manual PE parsing …☆56Updated this week
- InstantCrack es un motor de recuperación de hashes de alto rendimiento diseñado para realizar búsquedas instantáneas en bases de datos pr…☆26Jan 19, 2026Updated 5 months ago
- Lab Work☆82Jun 29, 2026Updated 2 weeks ago
- BOF POC of the DSCourier project / invoking WinGet via COM☆90Apr 23, 2026Updated 2 months ago
- The largest open-source unified Sub-GHz RF device protocol database. 425 protocols across 40 categories.☆19Apr 8, 2026Updated 3 months ago
- A EDR bypassing shellcode loader framework for Windows 10 64bit, featuring ETW/AMSI patching, Tartarus Gate, process protection and more☆57Jun 24, 2026Updated 2 weeks ago
- Windows SSH Misconfiguration Discovery Tool - Map lateral movement paths through misconfigured SSH services in Active Directory environme…☆88May 11, 2026Updated 2 months ago
- A PoC Cobalt Strike UDRL written in Rust☆31Jun 20, 2026Updated 3 weeks ago
- Automagically decode DNS Exfiltration queries to convert Blind RCE into proper RCE via Burp Collaborator☆21Jan 7, 2026Updated 6 months ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Patching the Secure Kernel to enable debugging of VTL 1 Isolated User Mode☆73May 14, 2026Updated 2 months ago
- The samples referenced in my book, Evasive Malware (No starch Press)☆62Feb 20, 2026Updated 4 months ago
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover☆90Oct 20, 2025Updated 8 months ago
- Installs ADDS and configures a vulnerable domain via a powershell script☆15Jul 13, 2023Updated 3 years ago
- A shellcode loader generator with support for multiple injection techniques, built for red team engagements.☆93Jul 1, 2026Updated last week
- Evasive loader for .NET Framework assemblies☆82May 12, 2026Updated 2 months ago
- Impersonate Windows tokens in Nim☆24Aug 4, 2025Updated 11 months ago
- Black-box web penetration testing automation framework for AI Agents☆20Jun 28, 2026Updated 2 weeks ago
- SharpCoercer is a .NET 4.8 C# tool that leverages 16 different RPC-based coercion methods to force remote Windows hosts to authenticate t…☆58Jul 13, 2025Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Capture incoming TGTs in pure PowerShell to avoid using Rubeus☆30Mar 29, 2026Updated 3 months ago
- A simple research-focused AES-based shellcode loader demonstrating in-memory execution and NTAPI techniques to help understand how custom…☆49Feb 19, 2026Updated 4 months ago
- PowerShell Script to automatically abuse the BadSuccessor vulnerability (CVE-2025-53779)☆47Jun 15, 2026Updated last month
- A PowerShell wrapper for certutil.exe☆21Mar 18, 2026Updated 3 months ago
- Staged DLL injection proof-of-concept built in C using Win32 APIs — developed in an isolated lab environment for red team certification s…☆40Jun 4, 2026Updated last month
- A Bloodhound alternative. BloodBash will ingest the same files bloodhound does but no server is required to use this tool. It's great for…☆237Updated this week
- Thermal pocket printer - BLE protocol reverse engineering, Python CLI, and web GUI☆15May 4, 2026Updated 2 months ago