☆96Aug 3, 2025Updated 7 months ago
Alternatives and similar repositories for SAMLSmith
Users that are interested in SAMLSmith are comparing it to the libraries listed below
Sorting:
- ☆48Dec 5, 2025Updated 3 months ago
- GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal…☆36Nov 24, 2024Updated last year
- This tool exploits Golden DMSA attack against delegated Managed Service Accounts.☆90Jul 15, 2025Updated 8 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- This is a VxLAN PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion☆28Jul 21, 2025Updated 7 months ago
- Threadless Injection Payload Toolkit☆12Oct 12, 2023Updated 2 years ago
- Abusing Azure services over C2☆367Jan 20, 2026Updated 2 months ago
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 4 months ago
- Spotter is a comprehensive Kubernetes security scanner that uses CEL-based rules to identify security vulnerabilities, misconfigurations,…☆73Sep 13, 2025Updated 6 months ago
- Local SYSTEM auth trigger for relaying - X☆154Jul 23, 2025Updated 7 months ago
- Claude MCP server to perform analysis on ROADrecon data☆49Mar 30, 2025Updated 11 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆124Jan 17, 2026Updated 2 months ago
- GCP-Hound - Google Cloud Security Attack Path Discovery Tool - v1.1.2☆69Feb 17, 2026Updated last month
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆75May 1, 2024Updated last year
- Chameleon is a polymorphic engine for x86_64 position independent shellcode that has been created out of the need to evade signature-base…☆48Oct 3, 2025Updated 5 months ago
- Command-line tool for discovering SaaS platforms a company uses via DNS enumeration☆39Jul 23, 2025Updated 7 months ago
- ☆88Jul 28, 2022Updated 3 years ago
- Silver SAML forgery tool☆56Feb 26, 2024Updated 2 years ago
- A tool to interact with Windows drivers to perform a raw disk read and parse out target files without calling standard Windows file APIs☆107Sep 4, 2025Updated 6 months ago
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆65Aug 23, 2023Updated 2 years ago
- Nakamoto is a 2 layer encryption tool to protect your data and your cyptocurrency☆15Nov 13, 2025Updated 4 months ago
- 🛡️ Assign AD permissions via PowerShell templates — Simplify and standardize AD delegation with reusable PowerShell templates.☆23Feb 28, 2026Updated 2 weeks ago
- ☆26Aug 5, 2025Updated 7 months ago
- Exploit AD CS misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise☆129Dec 2, 2023Updated 2 years ago
- Modified-Thycotic-Secret-Stealer for use with DPAPI and offline Decryption☆19Aug 5, 2022Updated 3 years ago
- ☆53Sep 23, 2025Updated 5 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 6 months ago
- PoC to coerce authentication from Windows hosts using MS-WSP☆304Sep 7, 2023Updated 2 years ago
- sKaleQL is an opinionated template repository for managing, executing, and organizing Kusto Query Language (KQL) queries against Azure Lo…☆19May 20, 2025Updated 10 months ago
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai…☆78Oct 27, 2025Updated 4 months ago
- ☆58Dec 10, 2025Updated 3 months ago
- A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.☆135Nov 12, 2025Updated 4 months ago
- SQL, IIS, Oh My...☆22Feb 24, 2025Updated last year
- Python based tool for generating Shellcode from PIC C☆43Nov 6, 2025Updated 4 months ago
- Mythic C2 wrapper for NimSyscallPacker☆25Mar 12, 2025Updated last year
- Eve is a JAMF exploitation toolkit used to interact with locally hosted JAMF servers and those hosted on jamfcloud.com.☆42Sep 16, 2025Updated 6 months ago
- Vectored Exception Handling Squared☆31Dec 27, 2025Updated 2 months ago
- The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…☆174Sep 3, 2025Updated 6 months ago
- A stager and implant that executes remote Web Assembly☆37Feb 4, 2026Updated last month