Alternatives and similar repositories for LOLBAS:

Users that are interested in LOLBAS are comparing it to the libraries listed below

• byt3bl33d3r / PrivExchange
  Exchange your privileges for Domain Admin privs by abusing Exchange
  ☆16Updated 5 years ago
• rvrsh3ll / HashCant
  Some Hashcat Rules for 2020 and beyond. Contributions encouraged!
  ☆25Updated 2 years ago
• byt3bl33d3r / herpaderping
  Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in…
  ☆19Updated 4 years ago
• 0xthirteen / PowerView3-Aggressor
  Cobalt Strike Aggressor script menu for Powerview/SharpView
  ☆28Updated 5 years ago
• warferik / CVE-2019-3980
  ☆17Updated 4 years ago
• fastlorenzo / redelk-server
  Ansible role to deploy RedELK server
  ☆18Updated last year
• ALBY-Project / ALBY
  ☆21Updated 7 years ago
• vletoux / OxidBindings
  Extract all IP of a computer using DCOM without authentication (aka detect network used for administration)
  ☆26Updated 5 years ago
• ConsciousHacker / GreatSCT
  The project is called GreatSCT (Great Scott). GreatSCT is an open source project to generate application white list bypasses. This tool i…
  ☆30Updated 7 years ago
• rvrsh3ll / FlaskRedirectorProtector
  Protect your servers with a secret header
  ☆29Updated 4 years ago
• blackarrowsec / Malleable-C2-Profiles
  Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable…
  ☆17Updated 3 years ago
• tevora-threat / c2_reporter
  Ingests logs/dbs from cobalt and empire and outputs an excel report with activity, sessions, and credentials
  ☆20Updated 4 years ago
• Mr-Un1k0d3r / SideChannelAttack
  Side Channel script
  ☆25Updated 2 years ago
• threatexpress / edc
  Event Data Collector
  ☆37Updated last week
• byt3bl33d3r / Utinni
  An async Python client library for Empire's RESTful API
  ☆25Updated last year
• Stealthbits / RIDHijackingProofofConceptKJ
  RID Hijacking Proof of Concept script by Kevin Joyce
  ☆15Updated 6 years ago
• rasta-mouse / SharpRDP
  Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
  ☆12Updated 5 years ago
• trustedsec / SysWhispers
  AV/EDR evasion via direct system calls.
  ☆32Updated 4 years ago
• infosecn1nja / e2modrewrite
  Convert Empire profiles to Apache mod_rewrite scripts
  ☆27Updated 5 years ago
• leoloobeek / keyserver
  Easily serve HTTP and DNS keys for proper payload protection
  ☆59Updated 6 years ago
• xenoscr / SessionHound
  A pair of scripts to import session and local group information that has been collected from alternate data sources into BloodHound's Neo…
  ☆19Updated 2 years ago
• mantvydasb / Invoke-PowerCloud
  Deliver powershell paylods via DNS TXT via CloudFlare using PowerShell
  ☆60Updated 6 years ago
• threatexpress / mythic2modrewrite
  Generate Apache mod_rewrite rules for Mythic C2 profiles
  ☆30Updated 3 years ago
• s0lst1c3 / awae
  ☆16Updated 7 years ago
• frizb / BloodHoundCustomQueries
  List of Bloodhound Python Custom Queries which I have found to be handy on engagements
  ☆17Updated 5 years ago
• tevora-threat / rt_redirectors
  Ansible role to configure redirectors for red team C2
  ☆30Updated 6 years ago
• byt3bl33d3r / ldapdomaindump
  Active Directory information dumper via LDAP
  ☆12Updated 5 years ago
• Coalfire-Research / Vampire
  Vampire is an aggressor script which integrates with BloodHound to mark nodes as owned.
  ☆79Updated 4 years ago
• rvrsh3ll / RuralBishop
  D/Invoke port of UrbanBishop
  ☆29Updated 4 years ago
• attactics / cslogwatch
  Cobalt Strike log state tracking, parsing, and storage
  ☆24Updated 5 years ago