☆96Aug 3, 2025Updated 6 months ago
Alternatives and similar repositories for SAMLSmith
Users that are interested in SAMLSmith are comparing it to the libraries listed below
Sorting:
- ☆47Dec 5, 2025Updated 2 months ago
- GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal��…☆36Nov 24, 2024Updated last year
- This is a VxLAN PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion☆28Jul 21, 2025Updated 7 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 4 months ago
- SQL, IIS, Oh My...☆22Feb 24, 2025Updated last year
- Abusing Azure services over C2☆368Jan 20, 2026Updated last month
- A tool to enumerate and download files from the System Center Configuration Manager (SCCM) SMB share (SCCMContentLib)☆16Jul 27, 2024Updated last year
- Evasive Payload Delivery Server & C2 Redirector☆112Nov 3, 2025Updated 3 months ago
- A small go tool to upload JSON files to the BloodHound community edition API☆29May 29, 2024Updated last year
- Local SYSTEM auth trigger for relaying - X☆155Jul 23, 2025Updated 7 months ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆75May 1, 2024Updated last year
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai…☆75Oct 27, 2025Updated 4 months ago
- Python based tool for generating Shellcode from PIC C☆43Nov 6, 2025Updated 3 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆123Jan 17, 2026Updated last month
- ☆53Sep 23, 2025Updated 5 months ago
- Spotter is a comprehensive Kubernetes security scanner that uses CEL-based rules to identify security vulnerabilities, misconfigurations,…☆71Sep 13, 2025Updated 5 months ago
- ☆38Mar 28, 2025Updated 10 months ago
- Vectored Exception Handling Squared☆29Dec 27, 2025Updated 2 months ago
- ☆120May 29, 2025Updated 9 months ago
- This tool exploits Golden DMSA attack against delegated Managed Service Accounts.☆90Jul 15, 2025Updated 7 months ago
- A tool designed for smuggling interactive command and control traffic through legitimate TURN servers hosted by reputable providers such …☆391Aug 18, 2025Updated 6 months ago
- A tool to interact with Windows drivers to perform a raw disk read and parse out target files without calling standard Windows file APIs☆107Sep 4, 2025Updated 5 months ago
- Hacking GraalVM Espresso - Abusing Continuation API to Make ROP-like Attack☆36Aug 27, 2025Updated 6 months ago
- ☆88Jul 28, 2022Updated 3 years ago
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆65Aug 23, 2023Updated 2 years ago
- A security tool that detects malicious packages from external vulnerability feeds and searches for them in your package registries or art…☆70Nov 27, 2025Updated 3 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 6 months ago
- Enumerate active EDR's on the system☆150Sep 23, 2025Updated 5 months ago
- .NET tool used to enrich RPC telemetry☆101Jan 24, 2026Updated last month
- Location of some Active Directory lab scripts I have created and find useful☆110Feb 2, 2026Updated 3 weeks ago
- Demonstrates consuming from a SecurityTrace ETW session by consuming from the Threat-Intelligence ETW provider without a driver or PPL pr…☆64Jan 19, 2026Updated last month
- ☆26Aug 5, 2025Updated 6 months ago
- Command-line tool for discovering SaaS platforms a company uses via DNS enumeration☆37Jul 23, 2025Updated 7 months ago
- Simple BOF to read the protection level of a process☆118May 10, 2023Updated 2 years ago
- A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.☆132Nov 12, 2025Updated 3 months ago
- The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…☆172Sep 3, 2025Updated 5 months ago
- x64 version☆36Oct 8, 2021Updated 4 years ago
- Command Augmentation support for BOFs and .NET assemblies across agents☆40Feb 17, 2026Updated last week