Fast Windows post-exploitation wins after initial access.
☆29Jan 28, 2026Updated 3 months ago
Alternatives and similar repositories for AfterShell
Users that are interested in AfterShell are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Automated Pass-the-Ticket (PtT) attack. Standalone alternative to Rubeus and Mimikatz for this attack. Implemented in C#, C++, Crystal, P…☆129Feb 17, 2026Updated 2 months ago
- A Windows tool that converts LDIF files to BloodHound CE☆31Dec 20, 2025Updated 4 months ago
- Network scanning tool designed to detect and report changes in open ports and services over time☆13Oct 16, 2025Updated 6 months ago
- A TUI for Active Directory collection.☆136Mar 17, 2026Updated last month
- A C and Go /proc/pid/maps cloak of invisibilty for shared object files☆21Nov 19, 2025Updated 5 months ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆25Jul 5, 2023Updated 2 years ago
- Tool that gathers a customizable set of ETW telemetry and generates user-defined detections☆51Jan 28, 2026Updated 3 months ago
- Linux CS bypass technique☆33Feb 4, 2025Updated last year
- Tools, scripts and tips useful during OSINT investigations and reconnaissance.☆13Jul 2, 2021Updated 4 years ago
- Linker for Beacon Object Files☆177Mar 30, 2026Updated 3 weeks ago
- ☆78Jan 1, 2026Updated 3 months ago
- ☆28Mar 14, 2026Updated last month
- A Beacon Object File suite for Microsoft SQL Server that speaks TDS 7.4 on the wire itself☆89Apr 9, 2026Updated 2 weeks ago
- Click Once + App Domain☆67Feb 23, 2026Updated 2 months ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆11Jul 31, 2017Updated 8 years ago
- ☆16Jan 9, 2025Updated last year
- ☆31Jul 26, 2024Updated last year
- Python C2 with JScript Implant☆15Nov 15, 2023Updated 2 years ago
- Golang Automation Framework for Cobalt Strike using the Rest API☆59Apr 10, 2026Updated 2 weeks ago
- A VSCode plugin to assist with BOF development.☆37Aug 14, 2024Updated last year
- Block Windows Defender by deny ACL☆89Jan 12, 2026Updated 3 months ago
- Reflective PE loader written in Zig. Loads and executes native and .NET PE files directly from memory.☆27Mar 2, 2026Updated last month
- Collection of many ldap bofs for domain enumeration and privilege escalation. Created for use with the Adaptix C2.☆76Dec 15, 2025Updated 4 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A Bloodhound alternative. BloodBash will ingest the same files bloodhound does but no server is required to use this tool. It's great for…☆192Mar 2, 2026Updated last month
- Discover DYLD_INSERT_LIBRARIES hijacks on macOS☆45Sep 15, 2022Updated 3 years ago
- Automated (kinda) deployment of MalRDP infrastructure with Terraform & Ansible☆12Sep 15, 2023Updated 2 years ago
- Bypass WiFi client isolation on Open and WPA2-PSK networks☆41Oct 14, 2025Updated 6 months ago
- Experience the power of a PHP webshell designed to overcome the limitations of blacklisted system/exec functions.☆25Jul 14, 2024Updated last year
- open source port/reimplementation of the Cobalt Strike BOF Loader as is☆72Mar 8, 2026Updated last month
- An implementation of PyADRecon using ADWS instead of LDAP. Generates individual CSV files and a single XSLX + HTML report about your AD d…☆51Feb 23, 2026Updated 2 months ago
- PoC to self-delete a binary in C#☆36Feb 6, 2024Updated 2 years ago
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆41Dec 8, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- SACL Scanner is a tool designed to scan and analyze SACLs.☆51Feb 13, 2025Updated last year
- Dump Teams conversations☆18Jun 9, 2021Updated 4 years ago
- Step-by-step documentation on how to decrypt SCCM database secrets offline☆50Oct 20, 2025Updated 6 months ago
- A C# port from Invoke-GhostTask☆120Jan 5, 2024Updated 2 years ago
- 7z exploit POC versions prior to 25.01☆33Aug 11, 2025Updated 8 months ago
- An open-source, C#-based remote administration tool (RAT), enabling complete control of a remote Windows machine, designed for legitimate…☆183Apr 9, 2026Updated 2 weeks ago
- MDE/MDI Defender setup for Ludus☆55Mar 14, 2026Updated last month