Alternatives and similar repositories for RedTeam-CRTL-Certification

Users that are interested in RedTeam-CRTL-Certification are comparing it to the libraries listed below

• mertdas / SharpLateral
  Lateral Movement
  ☆124Updated last year
• casp3r0x0 / LoaderGate
  a C# implementation for a shellcode loader that capable to bypass Cortex XDR and Sophos EDR.
  ☆84Updated 2 months ago
• wh0amitz / SharpRODC
  To audit the security of read-only domain controllers
  ☆117Updated last year
• synacktiv / OUned
  The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning
  ☆125Updated 4 months ago
• OleFredrik1 / remoteKrbRelayx
  A tool for coercing and relaying Kerberos authentication over DCOM and RPC.
  ☆120Updated 2 weeks ago
• Shrfnt77 / SharpCoercer
  SharpCoercer is a .NET 4.8 C# tool that leverages 16 different RPC-based coercion methods to force remote Windows hosts to authenticate t…
  ☆46Updated 3 weeks ago
• RedTeamPentesting / wspcoerce
  wspcoerce coerces a Windows computer account via SMB to an arbitrary target using MS-WSP
  ☆108Updated 3 weeks ago
• RayRRT / Active-Directory-Certificate-Services-abuse
  ☆52Updated 2 years ago
• rasta-mouse / SCMUACBypass
  ☆100Updated last year
• RedTeamPentesting / adauth
  Active Directory Authentication Library
  ☆78Updated 2 weeks ago
• mlcsec / EDRenum-BOF
  Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
  ☆122Updated 10 months ago
• decoder-it / KrbRelayEx-RPC
  ☆189Updated 4 months ago
• LuemmelSec / ntlmrelayx.py_to_exe
  ☆88Updated 2 years ago
• CodeXTF2 / WebcamBOF
  Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options
  ☆140Updated 4 months ago
• logangoins / Stifle
  .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS
  ☆148Updated 5 months ago
• SpecterOps / MSSQLHound
  PowerShell collector for adding MSSQL attack paths to BloodHound with OpenGraph
  ☆180Updated this week
• OtterHacker / AWSRedirector
  ☆57Updated 5 months ago
• Tw1sm / SQL-BOF
  Library of BOFs to interact with SQL servers
  ☆193Updated 3 months ago
• fanbyprinciple / bin2shellcode
  .bin file to shellcode convertor
  ☆38Updated last year
• Sq00ky / RunAsPasswd
  A RunAs clone with the ability to specify the password as an argument.
  ☆112Updated 2 years ago
• Leo4j / SessionExec
  Execute commands in other Sessions
  ☆90Updated last year
• ozelis / winrmexec
  Impack-only implementation of WinRM protocol with support for NTLM and Kerberos auth
  ☆29Updated last week
• Leo4j / PPLKiller
  Tool to bypass LSA Protection (aka Protected Process Light)
  ☆56Updated 7 months ago
• dmcxblue / SharpGhostTask
  A C# port from Invoke-GhostTask
  ☆117Updated last year
• wariv / DarkLnk
  Build sneaky & malicious LNK files.
  ☆94Updated 3 weeks ago
• two06 / CerealKiller
  .NET deserialization hunter
  ☆78Updated last year
• Offensive-Panda / LsassReflectDumping
  This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…
  ☆204Updated 9 months ago
• ZephrFish / QoL-BOFs
  Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning
  ☆131Updated 3 months ago
• ghost-ng / slinger
  An impacket-lite cli tool that combines many useful impacket functions using a single session.
  ☆51Updated 2 weeks ago
• Hagrid29 / CertifyKit
  Active Directory certificate abuse
  ☆39Updated 2 years ago