Fast Windows post-exploitation wins after initial access.
☆29Jan 28, 2026Updated last month
Alternatives and similar repositories for AfterShell
Users that are interested in AfterShell are comparing it to the libraries listed below
Sorting:
- Automated Pass-the-Ticket (PtT) attack. Standalone alternative to Rubeus and Mimikatz for this attack. Implemented in C#, C++, Crystal, P…☆128Feb 17, 2026Updated last month
- A Windows tool that converts LDIF files to BloodHound CE☆31Dec 20, 2025Updated 3 months ago
- Network scanning tool designed to detect and report changes in open ports and services over time☆13Oct 16, 2025Updated 5 months ago
- A TUI for Active Directory collection.☆132Updated this week
- A C and Go /proc/pid/maps cloak of invisibilty for shared object files☆21Nov 19, 2025Updated 4 months ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Jul 5, 2023Updated 2 years ago
- ☆76Jan 1, 2026Updated 2 months ago
- Tools, scripts and tips useful during OSINT investigations and reconnaissance.☆13Jul 2, 2021Updated 4 years ago
- ☆28Updated this week
- ☆11Jul 31, 2017Updated 8 years ago
- Click Once + App Domain☆67Feb 23, 2026Updated 3 weeks ago
- ☆17Jan 9, 2025Updated last year
- ☆31Jul 26, 2024Updated last year
- Golang Automation Framework for Cobalt Strike using the Rest API☆56Dec 4, 2025Updated 3 months ago
- Open-source web & API security training platform with curated, modular labs and progress tracking.☆37Mar 12, 2026Updated last week
- Collection of many ldap bofs for domain enumeration and privilege escalation. Created for use with the Adaptix C2.☆60Dec 15, 2025Updated 3 months ago
- Python C2 with JScript Implant☆15Nov 15, 2023Updated 2 years ago
- A VSCode plugin to assist with BOF development.☆37Aug 14, 2024Updated last year
- A Bloodhound alternative. BloodBash will ingest the same files bloodhound does but no server is required to use this tool. It's great for…☆179Mar 2, 2026Updated 2 weeks ago
- Block Windows Defender by deny ACL☆84Jan 12, 2026Updated 2 months ago
- Discover DYLD_INSERT_LIBRARIES hijacks on macOS☆45Sep 15, 2022Updated 3 years ago
- open source port/reimplementation of the Cobalt Strike BOF Loader as is☆69Mar 8, 2026Updated last week
- Automated (kinda) deployment of MalRDP infrastructure with Terraform & Ansible☆12Sep 15, 2023Updated 2 years ago
- Bypass WiFi client isolation on Open and WPA2-PSK networks☆40Oct 14, 2025Updated 5 months ago
- Experience the power of a PHP webshell designed to overcome the limitations of blacklisted system/exec functions.☆25Jul 14, 2024Updated last year
- Linker for Beacon Object Files☆160Feb 22, 2026Updated 3 weeks ago
- An open-source, C#-based remote administration tool (RAT), enabling complete control of a remote Windows machine, designed for legitimate…☆174Updated this week
- An implementation of PyADRecon using ADWS instead of LDAP. Generates individual CSV files and a single XSLX + HTML report about your AD d…☆49Feb 23, 2026Updated 3 weeks ago
- Step-by-step documentation on how to decrypt SCCM database secrets offline☆50Oct 20, 2025Updated 4 months ago
- MDE/MDI Defender setup for Ludus☆54Updated this week
- PoC to self-delete a binary in C#☆36Feb 6, 2024Updated 2 years ago
- Proof of Concept (PoC) implant for creating custom Cobalt Strike Beacons☆192Feb 11, 2026Updated last month
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆41Dec 8, 2023Updated 2 years ago
- SACL Scanner is a tool designed to scan and analyze SACLs.☆51Feb 13, 2025Updated last year
- ☆71Jan 1, 2026Updated 2 months ago
- Dump Teams conversations☆18Jun 9, 2021Updated 4 years ago
- A C# port from Invoke-GhostTask☆120Jan 5, 2024Updated 2 years ago
- 7z exploit POC versions prior to 25.01☆33Aug 11, 2025Updated 7 months ago
- Listener that spawns a new tmux window for each incoming reverse shell + Supports listening on many ports☆60Jul 13, 2025Updated 8 months ago