Alternatives and similar repositories for sekken-enum

Users that are interested in sekken-enum are comparing it to the libraries listed below

• sudonoodle / BOF-entra-authcode-flow

  View on GitHub
  Beacon Object File (BOF) to obtain Entra tokens via authcode flow.
  ☆122Jan 17, 2026Updated 3 weeks ago
• pard0p / Remote-BOF-Runner

  View on GitHub
  Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …
  ☆88Jan 2, 2026Updated last month
• Paradoxis / ADSyncDump-BOF

  View on GitHub
  The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…
  ☆169Sep 3, 2025Updated 5 months ago
• klezVirus / RAIWhateverTrigger

  View on GitHub
  Local SYSTEM auth trigger for relaying - X
  ☆155Jul 23, 2025Updated 6 months ago
• pard0p / Self-Cleaning-PICO-Loader

  View on GitHub
  Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …
  ☆48Nov 2, 2025Updated 3 months ago
• c0nf1den71al / Lodestar-Forge

  View on GitHub
  Easy to use, open-source infrastructure management platform, crafted specifically for red team engagements.
  ☆108Jan 19, 2026Updated 3 weeks ago
• synacktiv / sccmsqlclient

  View on GitHub
  ☆26Aug 5, 2025Updated 6 months ago
• Cobalt-Strike / eden

  View on GitHub
  A PoC UDRL for Cobalt Strike built with Crystal Palace that combines Raphael Mudge's page streaming technique with a modular call gate (D…
  ☆65Jan 21, 2026Updated 3 weeks ago
• NtDallas / OdinLdr

  View on GitHub
  Cobaltstrike Reflective Loader with Synthetic Stackframe
  ☆182Jan 17, 2026Updated 3 weeks ago
• M1ndo / WerDump

  View on GitHub
  A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass
  ☆165Sep 22, 2025Updated 4 months ago
• paranoidninja / BRC4-BOF-Artillery

  View on GitHub
  ☆145Nov 6, 2025Updated 3 months ago
• logangoins / BadTakeover-BOF

  View on GitHub
  Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover
  ☆85Oct 20, 2025Updated 3 months ago
• werdhaihai / msi_lateral_mv

  View on GitHub
  Lateral Movement Bof with MSI ODBC Driver Install
  ☆144Sep 30, 2025Updated 4 months ago
• loland / inlineExecute

  View on GitHub
  Cobalt Strike BOF
  ☆42Dec 10, 2025Updated 2 months ago
• WKL-Sec / slack-udc2

  View on GitHub
  Cobalt Strike UDC2 implementation that provides an Slack C2 channel
  ☆60Jan 5, 2026Updated last month
• logangoins / Stifle

  View on GitHub
  .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS
  ☆150Feb 10, 2025Updated last year
• KingOfTheNOPs / Get-NetNTLM

  View on GitHub
  Internal Monologue BOF
  ☆79Dec 28, 2024Updated last year
• EricEsquivel / Inline-EA

  View on GitHub
  Cobalt Strike BOF for evasive .NET assembly execution
  ☆307Mar 31, 2025Updated 10 months ago
• nettitude / TokenCert

  View on GitHub
  TokenCert
  ☆102Nov 15, 2024Updated last year
• zyn3rgy / smbtakeover

  View on GitHub
  BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
  ☆345Nov 19, 2024Updated last year
• FalconForceTeam / bof-winrm-client

  View on GitHub
  ☆123Jan 23, 2025Updated last year
• MEhrn00 / boflink

  View on GitHub
  Linker for Beacon Object Files
  ☆149Updated this week
• Macmod / ldapx

  View on GitHub
  Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.
  ☆188Dec 23, 2025Updated last month
• synacktiv / OUned

  View on GitHub
  The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning
  ☆155Nov 2, 2025Updated 3 months ago
• temp43487580 / EntraPassTheCert

  View on GitHub
  tool for requesting Entra ID's P2P certificate and authenticating to a remote Entra joinned devices with it
  ☆131Aug 23, 2025Updated 5 months ago
• CCob / DRSAT

  View on GitHub
  Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…
  ☆273Dec 27, 2024Updated last year
• garrettfoster13 / ldap_bofs

  View on GitHub
  Random BOFs for LDAP tradecraft
  ☆72Sep 9, 2025Updated 5 months ago
• rad9800 / byor

  View on GitHub
  ☆163Jun 12, 2025Updated 8 months ago
• MartinoTommasini / offlineSCCMdecrypt

  View on GitHub
  Step-by-step documentation on how to decrypt SCCM database secrets offline
  ☆50Oct 20, 2025Updated 3 months ago
• CrowdStrike / sccmhound

  View on GitHub
  A BloodHound collector for Microsoft Configuration Manager
  ☆363Jul 7, 2025Updated 7 months ago
• grayhatkiller / wambam-bof

  View on GitHub
  ☆47Dec 5, 2025Updated 2 months ago
• ibaiC / FriendlyFireBOF

  View on GitHub
  A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.
  ☆57Apr 14, 2025Updated 9 months ago
• Teach2Breach / stargate

  View on GitHub
  Locate dlls and function addresses without PEB Walk and EAT parsing
  ☆104Nov 7, 2025Updated 3 months ago
• sud0Ru / NauthNRPC

  View on GitHub
  Enumerate Domain Users Without Authentication
  ☆281Apr 22, 2025Updated 9 months ago
• hotnops / ECUtilities

  View on GitHub
  Powershell and python utilties for Entra Connect
  ☆27Jun 5, 2025Updated 8 months ago
• professor-moody / scorch

  View on GitHub
  ☆40Dec 24, 2025Updated last month
• EspressoCake / ADIDNS_Parser

  View on GitHub
  Parser and reconciliation tooling for large Active Directory environments.
  ☆33Feb 18, 2025Updated 11 months ago
• Thunter-HackTeam / EvilentCoerce

  View on GitHub
  ☆159May 5, 2025Updated 9 months ago
• 3lp4tr0n / RemoteMonologue

  View on GitHub
  Weaponizing DCOM for NTLM Authentication Coercions
  ☆195Nov 4, 2025Updated 3 months ago