Alternatives and similar repositories for OWASSRF:

Users that are interested in OWASSRF are comparing it to the libraries listed below

• Qazeer / FarsightAD
  PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …
  ☆93Updated last year
• amjcyber / EDRNoiseMaker
  Detect WFP filters blocking EDR communications
  ☆85Updated last year
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆152Updated last year
• 0xe7 / WonkaVision
  ☆82Updated 2 years ago
• coffeegist / bofhound
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆200Updated 3 months ago
• mertdas / SharpLateral
  Lateral Movement
  ☆123Updated last year
• Malcrove / SeamlessPass
  A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO
  ☆168Updated 6 months ago
• Hagrid29 / AbuseAzureAPIPermissions
  Abuse Azure API permissions for red teaming
  ☆61Updated 2 years ago
• QueenSquishy / plague
  Default Detections for EDR
  ☆96Updated last year
• MazX0p / ThreatHound
  ☆159Updated last year
• zeronetworks / ldapfw
  Protect your Domain Controllers by auditing and restricting LDAP requests
  ☆151Updated 2 months ago
• joeavanzato / RetrievIR
  PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
  ☆100Updated 6 months ago
• Immersive-Labs-Sec / SliverC2-Forensics
  A collection of tools and detections for the Sliver C2 Frameworj
  ☆116Updated last year
• TheresAFewConors / MSSprinkler
  MSSprinkler is a password spraying utility for organizations to test their Microsoft Online accounts from an external perspective. It emp…
  ☆74Updated 3 weeks ago
• Leo4j / Invoke-SMBRemoting
  Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement
  ☆159Updated 3 months ago
• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆76Updated 6 months ago
• itaymigdal / LOLSpoof
  An interactive shell to spoof some LOLBins command line
  ☆184Updated last year
• HuskyHacks / SharpTokenFinder
  C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
  ☆137Updated 7 months ago
• improsec / BackupOperatorToolkit
  The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin
  ☆169Updated 2 years ago
• paranoidninja / Cobaltstrike-Detection
  This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared
  ☆90Updated last year
• mandiant / ccmpwn
  ☆193Updated 11 months ago
• bouj33boy / Domain-Persistence-Detection-Triage-and-Recovery-SO-CON-2024
  Resources Links for the Research Based on Josh Prager and Nico Shyne's
  ☆13Updated 5 months ago
• JPG0mez / ADCSync
  Use ESC1 to perform a makeshift DCSync and dump hashes
  ☆203Updated last year
• CCob / Shwmae
  ☆146Updated last month
• nasbench / Misc-Research
  A collection of tools, scripts and personal research
  ☆127Updated 8 months ago
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆84Updated 8 months ago
• trustedsec / specula
  ☆190Updated 6 months ago
• roobixx / EventLogForRedTeams
  Simple PoC from Malicious Payload Injection from Windows Event Log Entry
  ☆27Updated 2 years ago
• S3cur3Th1sSh1t / SharpVeeamDecryptor
  Decrypt Veeam database passwords
  ☆156Updated last year