Alternatives and similar repositories for OWASSRF:

Users that are interested in OWASSRF are comparing it to the libraries listed below

• amjcyber / EDRNoiseMaker
  Detect WFP filters blocking EDR communications
  ☆86Updated last year
• Qazeer / FarsightAD
  PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …
  ☆93Updated last year
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆153Updated last year
• lkarlslund / hashmuncher
  Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later
  ☆91Updated last year
• zeronetworks / ldapfw
  Protect your Domain Controllers by auditing and restricting LDAP requests
  ☆151Updated 3 months ago
• Hagrid29 / AbuseAzureAPIPermissions
  Abuse Azure API permissions for red teaming
  ☆66Updated 2 years ago
• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆78Updated 7 months ago
• QueenSquishy / plague
  Default Detections for EDR
  ☆96Updated last year
• HuskyHacks / SharpTokenFinder
  C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
  ☆139Updated 8 months ago
• trustedsec / specula
  ☆190Updated 7 months ago
• mertdas / SharpLateral
  Lateral Movement
  ☆122Updated last year
• 0xe7 / WonkaVision
  ☆82Updated 2 years ago
• mandiant / ccmpwn
  ☆200Updated last year
• mlcsec / SharpGraphView
  Microsoft Graph API post-exploitation toolkit
  ☆94Updated 9 months ago
• paranoidninja / Cobaltstrike-Detection
  This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared
  ☆89Updated last year
• wietze / Invoke-ArgFuscator
  Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-nat…
  ☆161Updated last week
• LuemmelSec / Custom-BloodHound-Queries
  ☆178Updated 4 months ago
• coffeegist / bofhound
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆205Updated 2 weeks ago
• trustedsec / DitExplorer
  Tool for viewing NTDS.dit
  ☆155Updated last month
• improsec / BackupOperatorToolkit
  The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin
  ☆171Updated 2 years ago
• CCob / Shwmae
  ☆148Updated 2 months ago
• ZephrFish / LOLSearches
  Living off the land searches for explorer and sharepoint
  ☆78Updated 5 months ago
• synacktiv / ntdissector
  ☆139Updated 8 months ago
• dadevel / mssql-spider
  Automated exploitation of MSSQL servers at scale
  ☆108Updated 2 weeks ago
• MazX0p / ThreatHound
  ☆160Updated last year
• absolomb / FindMeAccess
  ☆88Updated last week
• xpn / sccmwtf
  ☆151Updated 2 months ago
• bouj33boy / Domain-Persistence-Detection-Triage-and-Recovery-SO-CON-2024
  Resources Links for the Research Based on Josh Prager and Nico Shyne's
  ☆13Updated 6 months ago
• synacktiv / Invoke-RunAsWithCert
  A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.
  ☆150Updated 11 months ago
• daem0nc0re / Abusing_Weak_ACL_on_Certificate_Templates
  Investigation about ACL abusing for Active Directory Certificate Services (AD CS)
  ☆122Updated 3 years ago