Alternatives and similar repositories for sliver-ligolo-ng

Users that are interested in sliver-ligolo-ng are comparing it to the libraries listed below

• raskolnikov90 / LainAmsiOpenSession
  Custom Amsi Bypass by patching AmsiOpenSession function in amsi.dll
  ☆42Updated 3 months ago
• RayRRT / Active-Directory-Certificate-Services-abuse
  ☆52Updated 3 years ago
• ProDefense / Hawk
  Golang tool designed to exfiltrate passwords found via the sshd and su services
  ☆21Updated last year
• two06 / CerealKiller
  .NET deserialization hunter
  ☆80Updated last year
• Yeeb1 / SharpLansweeperDecrypt
  Automatically extract and decrypt all configured scanning credentials of a Lansweeper instance.
  ☆40Updated 9 months ago
• ghost-ng / slinger
  An impacket-lite cli tool that combines many useful impacket functions using a single session.
  ☆52Updated 2 months ago
• synacktiv / CVE-2024-43468
  ☆91Updated 8 months ago
• nettitude / raccoon
  ☆53Updated 7 months ago
• OtterHacker / AWSRedirector
  ☆57Updated 7 months ago
• 0xRedpoll / WhatsAppKeyBOF
  A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.
  ☆79Updated 6 months ago
• Patrick0x41 / BOF_All_Things
  Beacon Object Files (BOF) for Cobalt Strike.
  ☆31Updated last year
• jojonas / SharpSAMDump
  SAM Dumping in C#
  ☆51Updated 8 months ago
• rubenformation / CVE-2025-50154
  POC for CVE-2025-50154, a zero day vulnerability on windows file explorer disclosing NTLMv2-SSP without user interaction. It is a bypass …
  ☆30Updated last month
• synacktiv / OUned
  The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning
  ☆142Updated 5 months ago
• MinoTauro2020 / RedTeam-CRTL-Certification
  ☆18Updated 9 months ago
• 0xthirteen / WMI_Proc_Dump
  Dump processes over WMI with MSFT_MTProcess
  ☆24Updated last week
• nyxgeek / autodiscover_enum
  time-based user enum via Basic Auth in Azure against Autodiscover
  ☆32Updated 11 months ago
• MazX0p / PhantomInjector
  Advanced In-Memory PowerShell Process Injection Framework
  ☆68Updated 2 months ago
• dadevel / impacket-zsh-integration
  ZSH integration for Impacket
  ☆72Updated 8 months ago
• rasta-mouse / SpawnWith
  ☆110Updated 7 months ago
• JumpsecLabs / WALK_WebAssembly_Lure_Krafter
  A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims …
  ☆90Updated last year
• n0tspam / RunspaceLoader
  Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe
  ☆13Updated last year
• Shrfnt77 / SharpCoercer
  SharpCoercer is a .NET 4.8 C# tool that leverages 16 different RPC-based coercion methods to force remote Windows hosts to authenticate t…
  ☆49Updated 2 months ago
• CultCornholio / RedTeamTP
  ☆81Updated 4 months ago
• ar0x4 / ysoserial.net-docker
  ysoserial.net docker image
  ☆29Updated last year
• Yeeb1 / SharpRDPlusSnatcher
  Exploits a flaw in Remote Desktop Plus by monitoring and decrypting temporary .rdp files in %localappdata%/Temp, revealing credentials us…
  ☆16Updated 2 months ago
• 0xb11a1 / sliver_extension_uac_bypass_cmstp
  Sliver extension to bypass UAC via cmstp written in rust
  ☆29Updated last year
• mertdas / SharpLateral
  Lateral Movement
  ☆124Updated last year
• casp3r0x0 / LoaderGate
  a C# implementation for a shellcode loader that capable to bypass Cortex XDR and Sophos EDR.
  ☆87Updated 4 months ago
• logangoins / Stifle
  .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS
  ☆149Updated 7 months ago