Fast Windows post-exploitation wins after initial access.
☆29Jan 28, 2026Updated 3 weeks ago
Alternatives and similar repositories for AfterShell
Users that are interested in AfterShell are comparing it to the libraries listed below
Sorting:
- Network scanning tool designed to detect and report changes in open ports and services over time☆12Oct 16, 2025Updated 4 months ago
- A TUI for Active Directory collection.☆94Feb 17, 2026Updated last week
- Automated Pass-the-Ticket (PtT) attack. Standalone alternative to Rubeus and Mimikatz for this attack. Implemented in C#, C++, Crystal, P…☆116Feb 17, 2026Updated last week
- A Windows tool that converts LDIF files to BloodHound CE☆26Dec 20, 2025Updated 2 months ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Jul 5, 2023Updated 2 years ago
- A C and Go /proc/pid/maps cloak of invisibilty for shared object files☆21Nov 19, 2025Updated 3 months ago
- Python C2 with JScript Implant☆15Nov 15, 2023Updated 2 years ago
- ☆31Jul 26, 2024Updated last year
- ☆17Jan 9, 2025Updated last year
- Automated (kinda) deployment of MalRDP infrastructure with Terraform & Ansible☆12Sep 15, 2023Updated 2 years ago
- Tools, scripts and tips useful during OSINT investigations and reconnaissance.☆12Jul 2, 2021Updated 4 years ago
- Golang Automation Framework for Cobalt Strike using the Rest API☆56Dec 4, 2025Updated 2 months ago
- Proof of Concept (PoC) implant for creating custom Cobalt Strike Beacons☆152Feb 11, 2026Updated 2 weeks ago
- Block Windows Defender by deny ACL☆77Jan 12, 2026Updated last month
- A python library to create BloodHound OpenGraphs☆53Feb 4, 2026Updated 3 weeks ago
- Click Once + App Domain☆64Dec 4, 2023Updated 2 years ago
- Collection of many ldap bofs for domain enumeration and privilege escalation. Created for use with the Adaptix C2.☆58Dec 15, 2025Updated 2 months ago
- PoC to self-delete a binary in C#☆35Feb 6, 2024Updated 2 years ago
- A VSCode plugin to assist with BOF development.☆37Aug 14, 2024Updated last year
- Open-source web & API security training platform with curated, modular labs and progress tracking.☆33Updated this week
- This project is a deliberately vulnerable environment to learn about LLM-specific risks based on the OWASP Top 10 for LLM Applications.☆50Jan 19, 2026Updated last month
- Find world writable directories that contain a .exe or .dll file☆13Aug 31, 2021Updated 4 years ago
- SACL Scanner is a tool designed to scan and analyze SACLs.☆50Feb 13, 2025Updated last year
- EvilMist is a collection of scripts and utilities designed to support cloud penetration testing & red teaming. The toolkit helps identify…☆100Feb 4, 2026Updated 3 weeks ago
- PoC script to demonstrate collection of SCCM attack paths that can be viewed in BH with OpenGraph☆24Aug 2, 2025Updated 6 months ago
- Listener that spawns a new tmux window for each incoming reverse shell + Supports listening on many ports☆59Jul 13, 2025Updated 7 months ago
- A Remote Access Tool developed in C#, enabling complete control of a remote Windows machine, designed for legitimate remote administratio…☆136Feb 12, 2026Updated 2 weeks ago
- Bypass WiFi client isolation on Open and WPA2-PSK networks☆40Oct 14, 2025Updated 4 months ago
- Info on how to use Kerberos KDC on a non-domain joined host☆53Jul 31, 2024Updated last year
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆41Dec 8, 2023Updated 2 years ago
- Vectored Exception Handling Squared☆29Dec 27, 2025Updated 2 months ago
- Exploit for elevation of privilege vulnerability in QuickHeal's Seqrite EPS (CVE-2023-31497).☆18Oct 30, 2023Updated 2 years ago
- DFSCoerce exe revisited version with custom authentication☆42Jan 13, 2024Updated 2 years ago
- ☆28Feb 11, 2026Updated 2 weeks ago
- 7z exploit POC versions prior to 25.01☆33Aug 11, 2025Updated 6 months ago
- Dump Teams conversations☆18Jun 9, 2021Updated 4 years ago
- KVC enables unsigned driver loading via DSE bypass (g_CiOptions patch, skci.dll hijack, SeCiCallbacks redirection) and PP/PPL manipulatio…☆164Jan 26, 2026Updated last month
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆40Jan 14, 2024Updated 2 years ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆46Jul 29, 2024Updated last year