Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but for security research and penetration testing! π«
β167Oct 21, 2025Updated 4 months ago
Alternatives and similar repositories for Wonka
Users that are interested in Wonka are comparing it to the libraries listed below
Sorting:
- A Windows tool that converts LDIF files to BloodHound CEβ27Dec 20, 2025Updated 2 months ago
- A professional Red Team / Pentest tool for assessing the external perimeter of a company in a complete "black box" mode (zero knowledge, β¦β29Feb 15, 2026Updated 2 weeks ago
- PowerShell toolkit that extracts locked Windows files (SAM, SYSTEM, NTDS, ...) using MFT parsing and raw disk readsβ240Oct 30, 2025Updated 4 months ago
- The DCERPC only printerbug.py versionβ206Oct 30, 2025Updated 4 months ago
- Step-by-step documentation on how to decrypt SCCM database secrets offlineβ50Oct 20, 2025Updated 4 months ago
- EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.β187Jan 11, 2026Updated last month
- a small script to collect information from a management pointβ37Jan 19, 2026Updated last month
- PowerShell SharePoint extraction + auditing tool for red/blue/purple teams. Enumerates all SharePoint sites/drives a user can access via β¦β114Jan 25, 2026Updated last month
- Elastic Security Labs' malware analysis and reverse engineering libraryβ52Feb 13, 2026Updated 2 weeks ago
- A tool for coercing and relaying Kerberos authentication over DCOM and RPC.β147Jul 17, 2025Updated 7 months ago
- Python tool to automatically perform SPN-less RBCD attacks.β123Jan 7, 2026Updated last month
- A simple tool to identify WDS servers in Active Directoryβ32Aug 25, 2025Updated 6 months ago
- Exhaustive search and flexible filtering of Active Directory ACEs.β75Nov 10, 2025Updated 3 months ago
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functionsβ266Apr 8, 2025Updated 10 months ago
- Abusing Azure services over C2β368Jan 20, 2026Updated last month
- A python tool to map the access rights of network shares into a BloodHound OpenGraphs easilyβ270Feb 5, 2026Updated 3 weeks ago
- A C# tool for extracting information from SCCM PXE boot media.β51Jan 14, 2026Updated last month
- Windows protocol library, including SMB and RPC implementations, among others.β617Jan 21, 2026Updated last month
- Using Chromium-based browsers as a proxy for C2 traffic.β146Dec 6, 2025Updated 2 months ago
- Collection of many ldap bofs for domain enumeration and privilege escalation. Created for use with the Adaptix C2.β58Dec 15, 2025Updated 2 months ago
- PowerShell tool that shows how to read and write NTLM OWF values via samlib.dll.β72Oct 22, 2025Updated 4 months ago
- Unauthenticated start EFS service on remote Windows host (make PetitPotam great again)β129Oct 23, 2025Updated 4 months ago
- A tool to easily perform GitHub Device Code Phishing on red team engagementsβ85Feb 9, 2026Updated 3 weeks ago
- Azure Post Exploitation Frameworkβ244Oct 27, 2025Updated 4 months ago
- Proof of concept for Kerberos Armoring abuse.β81Dec 12, 2025Updated 2 months ago
- PoC exploit for the vulnerable WatchDog Anti-Malware driver (amsdk.sys) β weaponized to kill protected EDR/AV processes via BYOVD.β202Sep 11, 2025Updated 5 months ago
- CVE-2025-59501 POC codeβ25Nov 20, 2025Updated 3 months ago
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux serversβ18Mar 19, 2025Updated 11 months ago
- A Bloodhound alternative. BloodBash will ingest the same files bloodhound does but no server is required to use this tool. It's great forβ¦β175Feb 23, 2026Updated last week
- SpicyAD is a C# Active Directory penetration testing tool designed for authorized security assessments. It combines multiple AD attack teβ¦β99Dec 23, 2025Updated 2 months ago
- Red Team tools containerizedβ76Dec 6, 2025Updated 2 months ago
- β55Nov 18, 2025Updated 3 months ago
- β198Mar 28, 2025Updated 11 months ago
- A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA β¦β163Nov 2, 2025Updated 4 months ago
- tool for requesting Entra ID's P2P certificate and authenticating to a remote Entra joinned devices with itβ131Aug 23, 2025Updated 6 months ago
- The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments.β460Feb 25, 2026Updated last week
- This repository contains scripts about ACL abuse and any other active directory attacking methods.β36Aug 20, 2023Updated 2 years ago
- BOF to terminate a process via PID as argumentβ28Sep 7, 2025Updated 5 months ago
- PowerShell-based utility for mapping byte offsets to source code using hex and ASCII context for detection research and red team tooling.β31Dec 31, 2025Updated 2 months ago