Alternatives and similar repositories for EDD

Users that are interested in EDD are comparing it to the libraries listed below

• Flangvik / AzureC2Relay
  AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Co…
  ☆232Updated 4 years ago
• NetSPI / ESC
  Evil SQL Client (ESC) is an interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration feature…
  ☆299Updated 2 years ago
• mdsecactivebreach / Farmer
  ☆413Updated 4 years ago
• mitchmoser / SharpShares
  Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain
  ☆372Updated 3 months ago
• awsmhacks / awsmBloodhoundCustomQueries
  Collection of cyphers for bloodhound
  ☆155Updated last year
• RiccardoAncarani / LiquidSnake
  LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript
  ☆343Updated 4 years ago
• nyxgeek / ntlmscan
  scan for NTLM directories
  ☆376Updated 5 months ago
• Mr-Un1k0d3r / ADHuntTool
  official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)
  ☆233Updated 3 years ago
• iomoath / PowerShx
  Run Powershell without software restrictions.
  ☆282Updated 4 years ago
• cfalta / PoshADCS
  A proof of concept on attack vectors against Active Directory by abusing Active Directory Certificate Services (ADCS)
  ☆195Updated 4 years ago
• BC-SECURITY / Invoke-ZeroLogon
  Invoke-ZeroLogon allows attackers to impersonate any computer, including the domain controller itself, and execute remote procedure calls…
  ☆218Updated 5 years ago
• djhohnstein / SharpShares
  Enumerate all network shares in the current domain. Also, can resolve names to IP addresses.
  ☆299Updated 5 years ago
• bohops / WSMan-WinRM
  A collection of proof-of-concept source code and scripts for executing remote commands over WinRM using the WSMan.Automation COM object
  ☆253Updated 5 years ago
• cyberark / Evasor
  A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies
  ☆324Updated 2 years ago
• xforcered / StandIn
  StandIn is a small .NET35/45 AD post-exploitation toolkit
  ☆257Updated 4 years ago
• xforcered / InvisibilityCloak
  Proof-of-concept obfuscation toolkit for C# post-exploitation tools
  ☆429Updated 3 years ago
• S3cur3Th1sSh1t / Invoke-SharpLoader
  ☆364Updated 4 years ago
• samratashok / RACE
  RACE is a PowerShell module for executing ACL attacks against Windows targets.
  ☆239Updated 2 years ago
• GhostPack / RestrictedAdmin
  Remotely enables Restricted Admin Mode
  ☆216Updated 4 years ago
• GoSecure / WSuspicious
  WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations
  ☆371Updated 5 years ago
• rvrsh3ll / Rubeus-Rundll32
  Run Rubeus via Rundll32
  ☆204Updated 5 years ago
• nettitude / MalSCCM
  ☆252Updated 2 years ago
• mandiant / ADFSpoof
  ☆407Updated 7 months ago
• ZeroDayLab / PowerSploit
  PowerSploit - A PowerShell Post-Exploitation Framework
  ☆237Updated 3 years ago
• 0xthirteen / SharpMove
  .NET Project for performing Authenticated Remote Execution
  ☆406Updated 2 years ago
• martinsohn / Office-phish-templates
  Tricks the target into enabling content (macros) with fake messages. Once enabled, uses macros to reduce the risk of suspision from targe…
  ☆173Updated 10 months ago
• eksperience / KnockOutlook
  A little tool to play with Outlook
  ☆207Updated 4 years ago
• ScorpionesLabs / DVS
  D(COM) V(ulnerability) S(canner) AKA Devious swiss army knife - Lateral movement using DCOM Objects
  ☆251Updated 5 years ago
• Z4kSec / Masky
  Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory
  ☆399Updated 4 months ago
• outflanknl / Spray-AD
  A Cobalt Strike tool to audit Active Directory user accounts for weak, well known or easy guessable passwords.
  ☆442Updated 3 years ago