Advanced post-exploitation framework designed for Red Team operations in Entra ID, Azure and Microsoft 365 environments.
☆42Dec 30, 2025Updated 2 months ago
Alternatives and similar repositories for SpecterPortal
Users that are interested in SpecterPortal are comparing it to the libraries listed below
Sorting:
- Advanced Windows authentication token extraction and decryption tool for red team operations and security research☆88Dec 30, 2025Updated 2 months ago
- ☆49Dec 21, 2025Updated 2 months ago
- ☆62Feb 12, 2026Updated last month
- Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer☆17Mar 4, 2023Updated 3 years ago
- Cobalt Strike BOF☆43Dec 10, 2025Updated 3 months ago
- An implementation of PyADRecon using ADWS instead of LDAP. Generates individual CSV files and a single XSLX + HTML report about your AD d…☆49Feb 23, 2026Updated 3 weeks ago
- A small set of Beacon Object Files (BOFs) that I developed over the time with a Magic: The Gathering theme.☆18Jul 15, 2025Updated 8 months ago
- ☆37Feb 12, 2026Updated last month
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23☆23Jun 19, 2025Updated 9 months ago
- A cmake template for crystal palace☆39Dec 20, 2025Updated 2 months ago
- NSecSoftBYOVD POC☆58Feb 12, 2026Updated last month
- The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…☆174Sep 3, 2025Updated 6 months ago
- Python script to leverage MSFT_MTProcess WMI class☆39Sep 17, 2025Updated 6 months ago
- Moonwalk++: Simple POC Combining StackMoonwalking and Memory Encryption☆208Dec 17, 2025Updated 3 months ago
- Dump processes over WMI with MSFT_MTProcess☆85Feb 13, 2026Updated last month
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 6 months ago
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆34Aug 18, 2025Updated 7 months ago
- A pointer encryption library intended for Red Team implant design in Rust.☆66Oct 1, 2025Updated 5 months ago
- Doppelgänger is firmware that runs on ESP32 devices that can be embedded within commercially available RFID readers with the intent of ca…☆20Dec 16, 2025Updated 3 months ago
- ☆50Jun 4, 2025Updated 9 months ago
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆23Nov 23, 2022Updated 3 years ago
- rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.☆17Jan 6, 2024Updated 2 years ago
- ☆15May 30, 2025Updated 9 months ago
- ☆16Dec 7, 2025Updated 3 months ago
- wtftp.py is a tool to attack Microsoft Deployment Toolkit (MDT) and Windows Deployment Services (WDS).☆30Jan 22, 2026Updated last month
- A C# utility for interacting with SCOM☆96Dec 2, 2025Updated 3 months ago
- Payload Generation Workflow☆40Jul 18, 2025Updated 8 months ago
- Brute Ratel External C2 (Microsoft Teams)☆38Dec 11, 2024Updated last year
- Callstack spoofing using a VEH because VEH all the things.☆23Mar 18, 2025Updated last year
- collection of beacon object file (Cobalt strike)☆12Jan 21, 2023Updated 3 years ago
- One-header configurable C++20 COFF loader☆21Jul 21, 2025Updated 7 months ago
- PowerShell implementation for AD CS☆115Mar 2, 2026Updated 2 weeks ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆78Dec 23, 2023Updated 2 years ago
- ☆32Mar 10, 2026Updated last week
- A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.☆135Nov 12, 2025Updated 4 months ago
- Dump configuration from STOP Djvu ransomware sample☆12Feb 19, 2020Updated 6 years ago
- A bunch of shenanigans using functions, VEH and more☆38Jun 8, 2025Updated 9 months ago
- Request device ticket/token using the device's MSA☆38Aug 25, 2025Updated 6 months ago
- CLI version of NetworkMiner (https://www.netresec.com/?page=NetworkMiner)☆13Dec 1, 2025Updated 3 months ago