Alternatives and similar repositories for SAMLSmith

Users that are interested in SAMLSmith are comparing it to the libraries listed below

• Workday / raw-disk-parser
  A tool to interact with Windows drivers to perform a raw disk read and parse out target files without calling standard Windows file APIs
  ☆81Updated 3 weeks ago
• dmcxblue / Claude-C2
  Utilizng an MCP Server to communicate with your C2
  ☆82Updated 4 months ago
• HullaBrian / COMmander
  .NET tool used to enrich RPC telemetry
  ☆101Updated 3 months ago
• itaymigdal / PowerDodder
  Persist like a Dodder
  ☆64Updated 4 months ago
• whokilleddb / sinister-vsix
  Blog/Journal on how to backdoor VSCode extensions
  ☆74Updated 2 months ago
• xpn / mythic_mcp
  A simple POC to expose Mythic as a MCP server
  ☆69Updated 6 months ago
• DarkSpaceSecurity / DocEx
  APT Emulation tool to exfiltrate sensitive .docx, .pptx, .xlsx, .pdf files
  ☆93Updated 6 months ago
• deletehead / OctoC2t
  Simple C2 using GitHub repository as comms channel.
  ☆31Updated 11 months ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆52Updated 2 months ago
• 123ojp / GREtunnel-scanner
  This is a GRE PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion
  ☆77Updated last month
• 0xJs / EnumEDRs
  Enumerate active EDR's on the system
  ☆111Updated last week
• almounah / orsted
  Orsted C2 Framework
  ☆75Updated 2 weeks ago
• Maldev-Academy / Alphabetfuscation
  Convert your shellcode into an ASCII string
  ☆119Updated 3 months ago
• dirkjanm / scepreq
  SCEP request tool for AD CS and Intune
  ☆70Updated 2 months ago
• sensepost / goLAPS
  Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
  ☆87Updated 6 months ago
• jeanlucdupont / EXEfromCER
  PoC that downloads an executable from a public SSL certificate
  ☆127Updated 2 months ago
• CroodSolutions / BeaconatorC2
  BeaconatorC2 is a framework for red teaming and adversarial emulation, providing a full-featured management interface, along with a catal…
  ☆83Updated last month
• amjcyber / EDRNoiseMaker
  Detect WFP filters blocking EDR communications
  ☆93Updated last year
• TierZeroSecurity / edr_blocker
  Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…
  ☆140Updated last year
• duhirsch / MoveEdr
  Permanently disable EDRs as local admin
  ☆105Updated 3 months ago
• andreisss / Remote-DLL-Injection-with-Timer-based-Shellcode-Execution
  Remote DLL Injection with Timer-based Shellcode Execution
  ☆142Updated 2 months ago
• praetorian-inc / google-redirector
  A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.
  ☆97Updated last month
• rtecCyberSec / SpeechRuntimeMove
  Lateral Movement as loggedon User via Speech Named Pipe COM & ISpeechNamedPipe + COM Hijacking
  ☆131Updated 3 months ago
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆103Updated 6 months ago
• redr0nin / Agentic-Flow-Corruption-Attacks
  A red teaming attack paradigm against AI Agents
  ☆31Updated 6 months ago
• logangoins / Stifle
  .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS
  ☆149Updated 7 months ago
• zarkones / BloodfangC2
  Modern PIC implant for Windows (64 & 32 bit)
  ☆104Updated 2 months ago
• t3hbb / PanGP_Extractor
  Tool to extract username and password of current user from PanGPA in plaintext
  ☆88Updated 9 months ago
• Krypteria / Neo4LDAP
  Neo4LDAP is a query and visualization tool focused on Active Directory environments. It combines LDAP syntax with graph-based data analys…
  ☆84Updated 3 weeks ago
• Octoberfest7 / Enumprotections_BOF
  A BOF to enumerate system process, their protection levels, and more.
  ☆120Updated 10 months ago