Alternatives and similar repositories for WMIOps

Users that are interested in WMIOps are comparing it to the libraries listed below

• cobbr / ObfuscatedEmpire
  ObfuscatedEmpire is a fork of Empire with Invoke-Obfuscation integrated directly into it's functionality.
  ☆227Updated 7 years ago
• Cn33liz / StarFighters
  A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.
  ☆320Updated 8 years ago
• GoFetchAD / GoFetch
  GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.
  ☆635Updated 8 years ago
• xorrior / RandomPS-Scripts
  PowerShell Scripts focused on Post-Exploitation Capabilities
  ☆318Updated 7 years ago
• SadProcessor / SomeStuff
  Some PowerShell Stuff
  ☆281Updated 3 years ago
• trustedsec / spraywmi
  SprayWMI is an easy way to get mass shells on systems that support WMI. Much more effective than PSEXEC as it does not leave remnants on …
  ☆254Updated 9 years ago
• mdsecresearch / LyncSniper
  LyncSniper: A tool for penetration testing Skype for Business and Lync deployments
  ☆306Updated 4 years ago
• mattifestation / WMI_Backdoor
  A PoC WMI backdoor presented at Black Hat 2015
  ☆273Updated 9 years ago
• RedSiege / WMImplant
  This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported …
  ☆815Updated 11 months ago
• Invoke-IR / Uproot
  Currently not updated for WMIEvent module...
  ☆262Updated 9 years ago
• cobbr / PSAmsi
  PSAmsi is a tool for auditing and defeating AMSI signatures.
  ☆390Updated 7 years ago
• interference-security / empire-web
  PowerShell Empire Web Interface
  ☆330Updated 2 years ago
• JavelinNetworks / HoneypotBuster
  ☆283Updated 7 years ago
• Kevin-Robertson / Tater
  Tater is a PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit from @breenmachine and @foxglovesec
  ☆451Updated 9 years ago
• cyberark / ketshash
  A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs.
  ☆170Updated 4 months ago
• Raikia / CredNinja
  A multithreaded tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a network at-scale v…
  ☆449Updated 3 years ago
• Cyb3rWard0g / Invoke-ATTACKAPI
  A PowerShell script to interact with the MITRE ATT&CK Framework via its own API
  ☆368Updated 6 years ago
• johnnyDEP / OWA-Toolkit
  Powershell module to assist in attacking Exchange/Outlook Web Access
  ☆181Updated 8 years ago
• ramen0x3f / AggressorScripts
  ☆272Updated 2 years ago
• HarmJ0y / DAMP
  The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification
  ☆380Updated 5 years ago
• secabstraction / WmiSploit
  ☆164Updated 9 years ago
• p3nt4 / Invoke-Piper
  Forward local or remote tcp ports through SMB pipes.
  ☆296Updated 4 years ago
• xorrior / RemoteRecon
  Remote Recon and Collection
  ☆454Updated 7 years ago
• csababarta / ntdsxtract
  Active Directory forensic framework
  ☆326Updated 3 years ago
• FSecureLABS / XRulez
  A command line tool for creating malicious outlook rules
  ☆164Updated 6 years ago
• nettitude / PoshC2_Old
  Powershell C2 Server and Implants
  ☆573Updated 5 years ago
• Invoke-IR / ACE
  Automated, Collection, and Enrichment Platform
  ☆325Updated 5 years ago
• cyberark / RiskySPN
  Detect and abuse risky SPNs
  ☆262Updated 8 years ago
• mubix / netview
  Netview enumerates systems using WinAPI calls
  ☆295Updated 3 years ago
• sekirkity / BrowserGather
  Fileless web browser information extraction
  ☆219Updated 7 years ago