Alternatives and similar repositories for BloodhoundAD-Queries

Users that are interested in BloodhoundAD-Queries are comparing it to the libraries listed below

• mdsecactivebreach / RegistryStrikesBack

  View on GitHub
  ☆53Oct 20, 2020Updated 5 years ago
• two06 / EvtMute

  View on GitHub
  Apply a filter to the events being reported by windows event logging
  ☆15Sep 10, 2020Updated 5 years ago
• dafthack / Check-LocalAdminHash

  View on GitHub
  Check-LocalAdminHash is a PowerShell tool that attempts to authenticate to multiple hosts over either WMI or SMB using a password hash to…
  ☆180Sep 11, 2023Updated 2 years ago
• b4rtik / SharpMiniDump

  View on GitHub
  Create a minidump of the LSASS process from memory
  ☆261Nov 2, 2022Updated 3 years ago
• mdsecactivebreach / Execute-GithubAssembly-Aggressor

  View on GitHub
  Aggressor Script to Execute Assemblies from Github
  ☆71Nov 30, 2020Updated 5 years ago
• vysecurity / AzureAppC2

  View on GitHub
  A script that can be deployed to Azure App for C2 / Proxy / Redirector
  ☆41May 17, 2019Updated 6 years ago
• infosecn1nja / ycsm

  View on GitHub
  This is a quick script installation for resilient redirector using nginx reverse proxy and letsencrypt compatible with some popular Post-…
  ☆87Jul 2, 2019Updated 6 years ago
• mobdk / Zeta

  View on GitHub
  Using "svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc" as trigger
  ☆58Oct 7, 2020Updated 5 years ago
• mez-0 / MoveScheduler

  View on GitHub
  .NET 4.0 Scheduled Job Lateral Movement
  ☆90Aug 25, 2020Updated 5 years ago
• antman1p / SharpProcEnum

  View on GitHub
  .NET tool for enumeration processes and dumping memory.
  ☆57Apr 4, 2019Updated 6 years ago
• CCob / MirrorDump

  View on GitHub
  Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…
  ☆269Mar 18, 2021Updated 4 years ago
• attactics / cslogwatch

  View on GitHub
  Cobalt Strike log state tracking, parsing, and storage
  ☆24Jul 18, 2019Updated 6 years ago
• leechristensen / GetNTLMChallenge

  View on GitHub
  Obtains a crackable hash for the current user account
  ☆23Feb 3, 2019Updated 7 years ago
• checkymander / Carbuncle

  View on GitHub
  Tool for interacting with outlook interop during red team engagements
  ☆146Jun 29, 2021Updated 4 years ago
• mitchmoser / AtYourService

  View on GitHub
  Service Enumeration C# .NET Assembly
  ☆59Sep 14, 2021Updated 4 years ago
• b4rtik / ATPMiniDump

  View on GitHub
  Evading WinDefender ATP credential-theft
  ☆256Dec 2, 2019Updated 6 years ago
• leoloobeek / csharp

  View on GitHub
  Various C# projects for offensive security
  ☆111Nov 14, 2019Updated 6 years ago
• N4kedTurtle / ExecuteAssembly_Mailslot

  View on GitHub
  ☆38Oct 12, 2020Updated 5 years ago
• djhohnstein / EventLogParser

  View on GitHub
  Parse PowerShell and Security event logs for sensitive information.
  ☆128Mar 29, 2019Updated 6 years ago
• RedSiege / CIMplant

  View on GitHub
  C# port of WMImplant which uses either CIM or WMI to query remote systems
  ☆202Jul 14, 2021Updated 4 years ago
• jnqpblc / SharpSpray

  View on GitHub
  SharpSpray a simple code set to perform a password spraying attack against all users of a domain using LDAP and is compatible with Cobalt…
  ☆196Jun 30, 2019Updated 6 years ago
• dev-2null / ADIDNSRecords

  View on GitHub
  Alternative C# Implementation tool to retrieve Active Directory Integrated DNS records with IP addresses
  ☆50Aug 8, 2020Updated 5 years ago
• djhohnstein / SharpSC

  View on GitHub
  Simple .NET assembly to interact with services.
  ☆43Sep 27, 2019Updated 6 years ago
• RedSiege / hot-manchego

  View on GitHub
  Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library.
  ☆148Sep 7, 2020Updated 5 years ago
• EspressoCake / PPLDump_BOF

  View on GitHub
  A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.
  ☆143Sep 24, 2021Updated 4 years ago
• pkb1s / SharpAllowedToAct

  View on GitHub
  Computer object takeover through Resource-Based Constrained Delegation (msDS-AllowedToActOnBehalfOfOtherIdentity)
  ☆197Feb 1, 2021Updated 5 years ago
• rvrsh3ll / FlaskRedirectorProtector

  View on GitHub
  Protect your servers with a secret header
  ☆29Jun 12, 2020Updated 5 years ago
• secgroundzero / tetanus

  View on GitHub
  Helper script for mangling CS payloads
  ☆51May 5, 2019Updated 6 years ago
• P1CKLES / SharpBox

  View on GitHub
  SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API.
  ☆110Jan 20, 2021Updated 5 years ago
• mdsecactivebreach / SharpPack

  View on GitHub
  An Insider Threat Toolkit
  ☆155Dec 17, 2018Updated 7 years ago
• matterpreter / spotter

  View on GitHub
  Targeted Payload Execution
  ☆100Apr 9, 2020Updated 5 years ago
• med0x2e / NoAmci

  View on GitHub
  Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().
  ☆218Mar 5, 2020Updated 5 years ago
• EncodeGroup / AggressiveProxy

  View on GitHub
  Project to enumerate proxy configurations and generate shellcode from CobaltStrike
  ☆140Nov 4, 2020Updated 5 years ago
• rvrsh3ll / SharpCOM

  View on GitHub
  CSHARP DCOM Fun
  ☆138Sep 16, 2019Updated 6 years ago
• rvrsh3ll / SharpExcel4-DCOM

  View on GitHub
  Port of Invoke-Excel4DCOM
  ☆104Oct 12, 2019Updated 6 years ago
• anthemtotheego / CredBandit

  View on GitHub
  Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…
  ☆219Jul 14, 2021Updated 4 years ago
• OG-Sadpanda / SharpSword

  View on GitHub
  Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly
  ☆117Sep 30, 2024Updated last year
• jfmaes / SharpHandler

  View on GitHub
  ☆185Jan 5, 2021Updated 5 years ago
• bats3c / Ghost-In-The-Logs

  View on GitHub
  Evade sysmon and windows event logging
  ☆625Apr 8, 2020Updated 5 years ago