☆142Sep 9, 2025Updated 6 months ago
Alternatives and similar repositories for ATEAM
Users that are interested in ATEAM are comparing it to the libraries listed below
Sorting:
- A tool that allows you to extract a client-specific wordlist from the LDAP of an Active Directory.☆58Jul 2, 2025Updated 8 months ago
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 4 months ago
- Ludus roles to deploy ASR rules and MDI auditing settings☆24Aug 5, 2025Updated 7 months ago
- ☆139Nov 17, 2025Updated 4 months ago
- Group Policy Objects manipulation and exploitation framework☆296Dec 7, 2025Updated 3 months ago
- Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM☆64Dec 25, 2025Updated 2 months ago
- Azure Post Exploitation Framework☆245Oct 27, 2025Updated 4 months ago
- Demo code JavaScript POC that tricks user into sending Windows hash to responder☆37Dec 12, 2025Updated 3 months ago
- rust port of pspy with support for process monitoring over dbus☆36Jan 4, 2026Updated 2 months ago
- A New Exploitation Technique for Visual Studio Projects☆11Nov 5, 2023Updated 2 years ago
- Ludus role for deploying a Mythic Teamserver onto Linux servers☆23Mar 16, 2025Updated last year
- Erebus is an Initial Access wrapper for the Mythic Command & Control Server. It converts existing Mythic shellcode into payloads specific…☆113Updated this week
- ☆48Dec 5, 2025Updated 3 months ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆37Aug 5, 2025Updated 7 months ago
- Orchestrate detonating your MalDev in VMs with different EDRs to see their detection surface.☆23Feb 23, 2026Updated 3 weeks ago
- SOAPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆166Jan 23, 2026Updated last month
- ☆60Jun 2, 2025Updated 9 months ago
- ☆147Nov 6, 2025Updated 4 months ago
- Local SYSTEM auth trigger for relaying - X☆154Jul 23, 2025Updated 7 months ago
- A Payload Analysis Framework☆116Oct 9, 2025Updated 5 months ago
- A small How-To on creating your own weaponized WSL file☆124Jul 23, 2025Updated 7 months ago
- gpoParser is a tool designed to extract and analyze configurations applied through Group Policy Objects (GPOs) in an Active Directory env…☆335Mar 11, 2026Updated last week
- ☆53Jun 28, 2025Updated 8 months ago
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich☆18Jun 29, 2024Updated last year
- Claude MCP server to perform analysis on ROADrecon data☆49Mar 30, 2025Updated 11 months ago
- Unix Process hollowing in rust☆22Dec 16, 2024Updated last year
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆124Jan 17, 2026Updated 2 months ago
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆65Jan 5, 2026Updated 2 months ago
- Early Bird APC Injection in Rust☆64Oct 9, 2024Updated last year
- Lateral movement with DCOM DLL hijacking☆176Jul 4, 2025Updated 8 months ago
- A tool for coercing and relaying Kerberos authentication over DCOM and RPC.☆147Jul 17, 2025Updated 8 months ago
- A tool to enumerate and download files from the System Center Configuration Manager (SCCM) SMB share (SCCMContentLib)☆17Jul 27, 2024Updated last year
- Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …☆51Nov 2, 2025Updated 4 months ago
- A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN☆107Jan 26, 2026Updated last month
- A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.☆175May 13, 2024Updated last year
- ☆58Dec 10, 2025Updated 3 months ago
- A Beacon Object File (BOF) that performs the complete ESC1 attack chain in a single execution: certificate request with arbitrary SAN (+S…☆116Dec 21, 2025Updated 2 months ago
- A BOF to enumerate system process, their protection levels, and more.☆125Nov 27, 2024Updated last year
- This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions☆38Mar 17, 2025Updated last year