Alternatives and similar repositories for SAMLSmith

Users that are interested in SAMLSmith are comparing it to the libraries listed below

• DarkSpaceSecurity / DocEx
  APT Emulation tool to exfiltrate sensitive .docx, .pptx, .xlsx, .pdf files
  ☆94Updated 7 months ago
• dmcxblue / Claude-C2
  Utilizng an MCP Server to communicate with your C2
  ☆85Updated 6 months ago
• HullaBrian / COMmander
  .NET tool used to enrich RPC telemetry
  ☆99Updated 5 months ago
• 0xJs / EnumEDRs
  Enumerate active EDR's on the system
  ☆144Updated last month
• sensepost / goLAPS
  Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
  ☆87Updated 8 months ago
• deletehead / OctoC2t
  Simple C2 using GitHub repository as comms channel.
  ☆31Updated last year
• Workday / raw-disk-parser
  A tool to interact with Windows drivers to perform a raw disk read and parse out target files without calling standard Windows file APIs
  ☆96Updated 2 months ago
• Shac0x / Wonka
  Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but fo…
  ☆104Updated 3 weeks ago
• 123ojp / GREtunnel-scanner
  This is a GRE PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion
  ☆90Updated 2 months ago
• deriv-security / MeetC2
  (MeetC2 a.k.a Meeting C2) - A framework abusing Google Calendar APIs.
  ☆123Updated 2 months ago
• CroodSolutions / BeaconatorC2
  BeaconatorC2 is a framework for red teaming and adversarial emulation, providing a full-featured management interface, along with a catal…
  ☆85Updated last week
• xpn / mythic_mcp
  A simple POC to expose Mythic as a MCP server
  ☆73Updated 7 months ago
• itaymigdal / PowerDodder
  Persist like a Dodder
  ☆66Updated 5 months ago
• redr0nin / Agentic-Flow-Corruption-Attacks
  A red teaming attack paradigm against AI Agents
  ☆32Updated 8 months ago
• whokilleddb / sinister-vsix
  Blog/Journal on how to backdoor VSCode extensions
  ☆75Updated 3 months ago
• almounah / orsted
  Orsted C2 Framework
  ☆87Updated this week
• praetorian-inc / google-redirector
  A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.
  ☆114Updated 2 weeks ago
• w1th4d / JarPlant
  Java archive implant toolkit.
  ☆61Updated 6 months ago
• MWR-CyberSec / AD-CS-Forest-Exploiter
  Exploit AD CS misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise
  ☆101Updated last year
• duhirsch / MoveEdr
  Permanently disable EDRs as local admin
  ☆121Updated last month
• huntandhackett / PassiveAggression
  Source code and examples for PassiveAggression
  ☆64Updated last year
• praetorian-inc / glato
  GitLab Attack TOolkit
  ☆28Updated last month
• loosehose / SilentButDeadly
  SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connecti…
  ☆236Updated last week
• CultCornholio / RedTeamTP
  ☆85Updated 5 months ago
• CroodSolutions / AutoRMM
  AutoRMM is a collection of scripts and instructions we are organizing, to test delivery mechanisms for RMM and screen sharing tools, alo…
  ☆91Updated 3 months ago
• dirkjanm / scepreq
  SCEP request tool for AD CS and Intune
  ☆70Updated 3 weeks ago
• logangoins / Stifle
  .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS
  ☆150Updated 9 months ago
• 7hePr0fess0r / ADCSDevilCOM
  A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA …
  ☆136Updated last week
• amjcyber / EDRNoiseMaker
  Detect WFP filters blocking EDR communications
  ☆94Updated last year
• praetorian-inc / oauthseeker
  A malicious OAuth application that can be leveraged for both internal and external phishing attacks targeting Microsoft Azure and Office3…
  ☆150Updated 3 months ago