Python alternative to Mimikatz lsadump::dcshadow
☆161Jun 24, 2025Updated 8 months ago
Alternatives and similar repositories for dcshadow
Users that are interested in dcshadow are comparing it to the libraries listed below
Sorting:
- Local SYSTEM auth trigger for relaying☆170Jul 22, 2025Updated 8 months ago
- Sh3ller is a lightweight C2 framework in its simplest form.☆31Sep 5, 2025Updated 6 months ago
- Enumerate active EDR's on the system☆152Sep 23, 2025Updated 5 months ago
- SCEP request tool for AD CS and Intune☆74Oct 24, 2025Updated 4 months ago
- This is a powershell module to help implement the AD Tier Model☆15Feb 17, 2026Updated last month
- A tool for coercing and relaying Kerberos authentication over DCOM and RPC.☆147Jul 17, 2025Updated 8 months ago
- psexecsvc - a python implementation of PSExec's native service implementation☆241Feb 11, 2025Updated last year
- Arsenal of modules to beacon postex☆97Mar 13, 2026Updated last week
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆276Dec 27, 2024Updated last year
- A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…☆358Updated this week
- Automating the MITM attack on WSUS☆312Updated this week
- Tool for viewing NTDS.dit☆197Mar 14, 2025Updated last year
- POC tool to abuse windows server failover clusters☆55Aug 7, 2025Updated 7 months ago
- Demo code JavaScript POC that tricks user into sending Windows hash to responder☆37Dec 12, 2025Updated 3 months ago
- A tool that allows you to extract a client-specific wordlist from the LDAP of an Active Directory.☆58Jul 2, 2025Updated 8 months ago
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆87Mar 6, 2025Updated last year
- ☆198Mar 28, 2025Updated 11 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆898Mar 11, 2026Updated last week
- Generate and Manage KeyCredentialLinks☆253Mar 9, 2026Updated last week
- Weaponizing DCOM for NTLM Authentication Coercions☆274Jul 1, 2025Updated 8 months ago
- An ICMP channel for Beacons, implemented using Cobalt Strike’s External C2 framework.☆117Oct 6, 2025Updated 5 months ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆541May 9, 2025Updated 10 months ago
- Impersonate Windows tokens in Nim☆23Aug 4, 2025Updated 7 months ago
- Neo4LDAP is a query and visualization tool focused on Active Directory environments. It combines LDAP syntax with graph-based data analys…☆97Feb 3, 2026Updated last month
- A Mythic Agent written in PIC C.☆206Feb 4, 2025Updated last year
- This tool exploits Golden DMSA attack against delegated Managed Service Accounts.☆90Jul 15, 2025Updated 8 months ago
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆438Jun 27, 2025Updated 8 months ago
- Offensive GPO dumping and analysis tool that leverages and enriches BloodHound data☆360Jan 8, 2026Updated 2 months ago
- AutoRMM is a collection of scripts and instructions we are organizing, to test delivery mechanisms for RMM and screen sharing tools, alo…☆93Aug 3, 2025Updated 7 months ago
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆371Jan 29, 2026Updated last month
- gpoParser is a tool designed to extract and analyze configurations applied through Group Policy Objects (GPOs) in an Active Directory env…☆345Updated this week
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- ☆55May 31, 2025Updated 9 months ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆169May 30, 2024Updated last year
- ☆163Nov 19, 2025Updated 4 months ago
- Some security by obscurity using port-jumping.☆14Aug 21, 2025Updated 7 months ago
- "Service-less" driver loading☆184Nov 28, 2024Updated last year
- Windows remote execution multitool☆785Mar 10, 2026Updated last week