Alternatives and similar repositories for OWASSRF:

Users that are interested in OWASSRF are comparing it to the libraries listed below

• Qazeer / FarsightAD
  PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …
  ☆93Updated last year
• amjcyber / EDRNoiseMaker
  Detect WFP filters blocking EDR communications
  ☆85Updated last year
• QueenSquishy / plague
  Default Detections for EDR
  ☆96Updated 10 months ago
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆152Updated last year
• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆76Updated 4 months ago
• MazX0p / ThreatHound
  ☆156Updated last year
• JumpsecLabs / TokenSmith
  TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and …
  ☆201Updated 3 weeks ago
• joeavanzato / RetrievIR
  PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
  ☆93Updated 4 months ago
• zeronetworks / ldapfw
  Protect your Domain Controllers by auditing and restricting LDAP requests
  ☆104Updated last week
• synacktiv / ntdissector
  ☆131Updated 5 months ago
• TH3xACE / EDR-Test
  Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].
  ☆146Updated last year
• mertdas / SharpLateral
  Lateral Movement
  ☆122Updated last year
• LuemmelSec / Custom-BloodHound-Queries
  ☆174Updated last month
• coffeegist / bofhound
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆183Updated last month
• lkarlslund / hashmuncher
  Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later
  ☆91Updated last year
• nasbench / Misc-Research
  A collection of tools, scripts and personal research
  ☆120Updated 6 months ago
• zh54321 / PoCEntraDeviceComplianceBypass
  Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy
  ☆124Updated 2 weeks ago
• 0xe7 / WonkaVision
  ☆81Updated 2 years ago
• CrowdStrike / sccmhound
  A BloodHound collector for Microsoft Configuration Manager
  ☆277Updated 2 weeks ago
• Malcrove / SeamlessPass
  A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO
  ☆155Updated 4 months ago
• sse-secure-systems / Active-Directory-Spotlights
  ☆34Updated last year
• mlcsec / SharpGraphView
  Microsoft Graph API post-exploitation toolkit
  ☆93Updated 6 months ago
• trustedsec / specula
  ☆185Updated 3 months ago
• strozfriedberg / cobaltstrike-config-extractor
  Cobalt Strike Beacon configuration extractor and parser.
  ☆149Updated 3 years ago
• Tanguy-Boisset / bloodhound-automation
  Automatically run and populate a new instance of BH CE
  ☆59Updated 3 months ago
• HuskyHacks / SharpTokenFinder
  C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
  ☆133Updated 5 months ago
• nettitude / MalSCCM
  ☆243Updated last year
• Hagrid29 / AbuseAzureAPIPermissions
  Abuse Azure API permissions for red teaming
  ☆61Updated last year
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆81Updated 8 months ago
• tsale / Sigma_rules
  Sigma rules to share with the community
  ☆115Updated 3 months ago