Alternatives and similar repositories for NO445-lateral-movement:

Users that are interested in NO445-lateral-movement are comparing it to the libraries listed below

• AgeloVito / self_delete_bof
  BOF implementation of delete self poc that delete a locked executable or a currently running file from disk by its pid, path, or the curr…
  ☆71Updated last year
• StarfireLab / BrowserPivot
  ☆31Updated last year
• timwhitez / Doge-DumpMem
  dump lsass
  ☆37Updated 2 years ago
• Jumbo-WJB / SharpAllowedToAct-Modify
  resource-based constrained delegation RBCD
  ☆43Updated 3 years ago
• jiushill / wmi-hack-py
  ☆49Updated last year
• dust-life / Free445-BOF
  ☆21Updated last year
• FeigongSec / NTLMINFO
  ☆46Updated 3 years ago
• aleenzz / SCExec
  ☆30Updated 2 years ago
• aleenzz / ChromeExtensionInstall
  Silently Install Chrome Extension For Persistence
  ☆49Updated 8 months ago
• xunyang1 / ssp_dump_lsass
  RPC 调用添加ssp扩展dump lsass
  ☆18Updated 2 years ago
• woaiqiukui / sam-the-admin-maq
  Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user; Adding the sam_the_admin_maq when MachineAccoun…
  ☆22Updated 9 months ago
• XiaoliChan / CrackMapExec-Extension
  CrackMapExec extension module/protocol support
  ☆42Updated last year
• howmp / iisproxy
  通过websocket在IIS8(Windows Server 2012)以上实现socks5代理
  ☆85Updated last year
• Hagrid29 / BOF-DCOMPotato-PrintNotify
  Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…
  ☆42Updated 2 years ago
• kyxiaxiang / CrackSleeve4.9
  ☆40Updated last year
• Rvn0xsy / ZeroLogon
  CVE-2020-1472 C++
  ☆81Updated 2 years ago
• LostZX / vcenter_tool
  ☆25Updated last year
• VMsec / PortBenderEXE
  PortBender修改为exe版本
  ☆24Updated last year
• seventeenman / SelfDel-BOF
  Delete file regardless of whether the handle is used via SetFileInformationByHandle
  ☆42Updated last year
• scareing / cmd2shellcode
  cmd2shellcode
  ☆78Updated 3 years ago
• M0nster3 / ITaskServers
  Bypass EDR Create TaskServers
  ☆36Updated 2 years ago
• m1ddl3w4r3 / ExecRemoteNET
  Execute Remote Assembly with args passing and with AMSI and ETW patching .
  ☆32Updated 2 years ago
• Ridter / MSSQL_CLR
  MSSQL CLR for pentest.
  ☆54Updated last year
• StarfireLab / EFSRPCrpc
  利用EFSRPC协议批量探测出网
  ☆65Updated last year
• 0x3rhy / AddUser-Bof
  Cobalt Strike BOF that Add an admin user
  ☆72Updated 2 years ago
• Jumbo-WJB / search_rbcd
  Search msDS-AllowedToActOnBehalfOfOtherIdentity
  ☆35Updated 3 years ago
• XiaoliChan / Xiaoli-Tools
  ☆15Updated last year
• yanghaoi / LaunchSystemCmd
  在权限足够的情况下弹出system权限的cmd命令行，包含exe和dll两种文件类型，可用于一些可能存在本地提权漏洞的测试。
  ☆33Updated 2 years ago
• XiaoliChan / LDAPShell
  A wrapper of ldap_shell.py module which in ntlmrelayx
  ☆62Updated 2 years ago