Alternatives and similar repositories for SAMLSmith

Users that are interested in SAMLSmith are comparing it to the libraries listed below

• itaymigdal / PowerDodder
  Persist like a Dodder
  ☆65Updated 5 months ago
• DarkSpaceSecurity / DocEx
  APT Emulation tool to exfiltrate sensitive .docx, .pptx, .xlsx, .pdf files
  ☆94Updated 6 months ago
• dmcxblue / Claude-C2
  Utilizng an MCP Server to communicate with your C2
  ☆82Updated 5 months ago
• HullaBrian / COMmander
  .NET tool used to enrich RPC telemetry
  ☆99Updated 4 months ago
• redr0nin / Agentic-Flow-Corruption-Attacks
  A red teaming attack paradigm against AI Agents
  ☆32Updated 7 months ago
• xpn / mythic_mcp
  A simple POC to expose Mythic as a MCP server
  ☆69Updated 7 months ago
• dirkjanm / scepreq
  SCEP request tool for AD CS and Intune
  ☆69Updated this week
• Workday / raw-disk-parser
  A tool to interact with Windows drivers to perform a raw disk read and parse out target files without calling standard Windows file APIs
  ☆93Updated last month
• sensepost / goLAPS
  Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
  ☆87Updated 7 months ago
• CroodSolutions / BeaconatorC2
  BeaconatorC2 is a framework for red teaming and adversarial emulation, providing a full-featured management interface, along with a catal…
  ☆83Updated last week
• whokilleddb / sinister-vsix
  Blog/Journal on how to backdoor VSCode extensions
  ☆74Updated 3 months ago
• 0xJs / EnumEDRs
  Enumerate active EDR's on the system
  ☆139Updated last month
• deriv-security / MeetC2
  (MeetC2 a.k.a Meeting C2) - A framework abusing Google Calendar APIs.
  ☆116Updated last month
• Shac0x / Wonka
  Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but fo…
  ☆61Updated this week
• huntandhackett / PassiveAggression
  Source code and examples for PassiveAggression
  ☆63Updated last year
• Maldev-Academy / Alphabetfuscation
  Convert your shellcode into an ASCII string
  ☆123Updated 3 months ago
• 123ojp / GREtunnel-scanner
  This is a GRE PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion
  ☆85Updated 2 months ago
• CroodSolutions / AutoRMM
  AutoRMM is a collection of scripts and instructions we are organizing, to test delivery mechanisms for RMM and screen sharing tools, alo…
  ☆89Updated 2 months ago
• almounah / orsted
  Orsted C2 Framework
  ☆80Updated last month
• CroodSolutions / AutoPwnKey
  AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. …
  ☆108Updated 3 months ago
• t3hbb / PanGP_Extractor
  Tool to extract username and password of current user from PanGPA in plaintext
  ☆88Updated 10 months ago
• rubenformation / CVE-2025-50154
  POCs for CVE-2025-50154 and CVE-2025-59214, zero day vulnerabilities on windows file explorer disclosing NTLMv2-SSP without user interact…
  ☆35Updated last week
• praetorian-inc / google-redirector
  A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.
  ☆108Updated last month
• django-88 / NomadScanner
  ☆164Updated 6 months ago
• Krypteria / Neo4LDAP
  Neo4LDAP is a query and visualization tool focused on Active Directory environments. It combines LDAP syntax with graph-based data analys…
  ☆86Updated last month
• deletehead / OctoC2t
  Simple C2 using GitHub repository as comms channel.
  ☆31Updated 11 months ago
• NetSPI / ATEAM
  ☆116Updated last month
• amjcyber / EDRNoiseMaker
  Detect WFP filters blocking EDR communications
  ☆94Updated last year
• logangoins / Stifle
  .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS
  ☆150Updated 8 months ago
• mlcsec / SharpGraphView
  Microsoft Graph API post-exploitation toolkit
  ☆94Updated last year