Alternatives and similar repositories for ShadowSteal

Users that are interested in ShadowSteal are comparing it to the libraries listed below

• Mr-Un1k0d3r / ADHuntTool
  official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)
  ☆232Updated 2 years ago
• hausec / ProxyLogon
  ☆293Updated 11 months ago
• rxwx / spoolsystem
  Print Spooler Named Pipe Impersonation for Cobalt Strike
  ☆264Updated 4 years ago
• jfmaes / SharpZipRunner
  Executes position independent shellcode from an encrypted zip
  ☆304Updated 4 years ago
• Flangvik / AzureC2Relay
  AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Co…
  ☆220Updated 4 years ago
• ly4k / Pachine
  Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)
  ☆277Updated 3 years ago
• optiv / Registry-Recon
  Cobalt Strike Aggressor Script that Performs System/AV/EDR Recon
  ☆328Updated 2 years ago
• klezVirus / CandyPotato
  Pure C++, weaponized, fully automated implementation of RottenPotatoNG
  ☆307Updated 3 years ago
• waldo-irc / CVE-2021-21551
  Exploit to SYSTEM for CVE-2021-21551
  ☆237Updated 4 years ago
• 0xthirteen / StayKit
  Cobalt Strike kit for Persistence
  ☆475Updated 5 years ago
• outflanknl / FindObjects-BOF
  A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…
  ☆271Updated 2 years ago
• BC-SECURITY / Invoke-PrintDemon
  This is a PowerShell Empire launcher PoC using PrintDemon and Faxhell.
  ☆202Updated 4 years ago
• rvrsh3ll / Rubeus-Rundll32
  Run Rubeus via Rundll32
  ☆202Updated 5 years ago
• RedSiege / hot-manchego
  Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library.
  ☆147Updated 4 years ago
• ShutdownRepo / ShadowCoerce
  MS-FSRVP coercion abuse PoC
  ☆291Updated 3 years ago
• S3cur3Th1sSh1t / SharpNamedPipePTH
  Pass the Hash to a named pipe for token Impersonation
  ☆302Updated last year
• zeronetworks / cornershot
  Amplify network visibility from multiple POV of other hosts
  ☆304Updated last year
• busterb / msmailprobe
  Office 365 and Exchange Enumeration
  ☆186Updated 6 years ago
• ly4k / PrintNightmare
  Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527)
  ☆187Updated 3 years ago
• Yaxser / CobaltStrike-BOF
  Collection of beacon BOF written to learn windows and cobaltstrike
  ☆350Updated 2 years ago
• Flangvik / CobaltBus
  Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus
  ☆229Updated 3 years ago
• rvrsh3ll / CPLResourceRunner
  Run shellcode from resource
  ☆259Updated 4 years ago
• Kevin-Robertson / Sharpmad
  C# version of Powermad
  ☆166Updated last year
• outflanknl / HelpColor
  Agressor script that lists available Cobalt Strike beacon commands and colors them based on their type
  ☆207Updated last year
• xforcered / StandIn
  StandIn is a small .NET35/45 AD post-exploitation toolkit
  ☆257Updated 3 years ago
• nettitude / SharpWSUS
  ☆456Updated 2 years ago
• sailay1996 / cve-2020-1337-poc
  poc for CVE-2020-1337 (Windows Print Spooler Elevation of Privilege)
  ☆174Updated 4 years ago
• CCob / MirrorDump
  Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…
  ☆265Updated 4 years ago
• byt3bl33d3r / pyMalleableC2
  Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.
  ☆279Updated 7 months ago
• mdsecactivebreach / Farmer
  ☆388Updated 4 years ago