Alternatives and similar repositories for SMB-Session-Spoofing

Users that are interested in SMB-Session-Spoofing are comparing it to the libraries listed below

• pwn1sher / frostbyte

  View on GitHub
  FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads
  ☆386Apr 16, 2022Updated 3 years ago
• nettitude / SharpWSUS

  View on GitHub
  ☆477Nov 20, 2022Updated 3 years ago
• frkngksl / HintInject

  View on GitHub
  A PoC project for embedding shellcode to Hint/Name Table
  ☆113May 16, 2022Updated 3 years ago
• RiccardoAncarani / talks

  View on GitHub
  ☆43Jul 6, 2022Updated 3 years ago
• Hagrid29 / DuplicateDump

  View on GitHub
  Dumping LSASS with a duplicated handle from custom LSA plugin
  ☆204Feb 23, 2022Updated 3 years ago
• puzzlepeaches / msprobe

  View on GitHub
  Finding all things on-prem Microsoft for password spraying and enumeration.
  ☆258May 17, 2022Updated 3 years ago
• adamsvoboda / nim-loader

  View on GitHub
  WIP shellcode loader in nim with EDR evasion techniques
  ☆221Mar 30, 2022Updated 3 years ago
• netero1010 / ScheduleRunner

  View on GitHub
  A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation
  ☆345Jan 22, 2025Updated last year
• Lexxrt / vShell

  View on GitHub
  🐚ᴠʟᴀɴɢ ʀᴇᴠᴇʀsᴇ sʜᴇʟʟ🐚
  ☆11Apr 28, 2022Updated 3 years ago
• FULLSHADE / Auto-Elevate

  View on GitHub
  Escalate from a low-integrity Administrator account to NT AUTHORITY\SYSTEM without an LPE exploit by combining a COM UAC bypass and Token…
  ☆162Dec 19, 2021Updated 4 years ago
• trustedsec / CrackHound

  View on GitHub
  ☆144Oct 31, 2023Updated 2 years ago
• layer8secure / SilentHound

  View on GitHub
  Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.
  ☆501Jan 23, 2023Updated 3 years ago
• daddycocoaman / dumpscan

  View on GitHub
  Finding secrets in kernel and user memory
  ☆116Sep 6, 2023Updated 2 years ago
• S3cur3Th1sSh1t / MultiPotato

  View on GitHub
  ☆539Nov 20, 2021Updated 4 years ago
• med0x2e / NTLMRelay2Self

  View on GitHub
  An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).
  ☆417Jan 27, 2024Updated 2 years ago
• nettitude / MalSCCM

  View on GitHub
  ☆252Sep 28, 2023Updated 2 years ago
• cube0x0 / LdapSignCheck

  View on GitHub
  Beacon Object File & C# project to check LDAP signing
  ☆199Aug 7, 2024Updated last year
• hlldz / RefleXXion

  View on GitHub
  RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, …
  ☆502Jan 25, 2022Updated 4 years ago
• cube0x0 / KrbRelay

  View on GitHub
  Framework for Kerberos relaying
  ☆939May 29, 2022Updated 3 years ago
• itm4n / PPLdump

  View on GitHub
  Dump the memory of a PPL with a userland exploit
  ☆891Jul 24, 2022Updated 3 years ago
• Flangvik / CobaltBus

  View on GitHub
  Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus
  ☆248Feb 23, 2022Updated 3 years ago
• Octoberfest7 / KDStab

  View on GitHub
  BOF combination of KillDefender and Backstab
  ☆170Mar 23, 2023Updated 2 years ago
• praetorian-inc / ADFSRelay

  View on GitHub
  Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS
  ☆186Jun 22, 2022Updated 3 years ago
• crisprss / magicNetdefs

  View on GitHub
  Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…
  ☆49Jun 21, 2022Updated 3 years ago
• GhostPack / ForgeCert

  View on GitHub
  "Golden" certificates
  ☆710Aug 17, 2024Updated last year
• mhaskar / ExchangeFinder

  View on GitHub
  Find Microsoft Exchange instance for a given domain and identify the exact version
  ☆188Jan 30, 2023Updated 3 years ago
• michaelweber / Macrome

  View on GitHub
  Excel Macro Document Reader/Writer for Red Teamers & Analysts
  ☆524Feb 1, 2022Updated 4 years ago
• p0dalirius / DumpSMBShare

  View on GitHub
  A python script to dump files and folders remotely from a Windows SMB share.
  ☆227Jan 31, 2025Updated last year
• pimps / pdf-NTLMLeaker

  View on GitHub
  This script implements the Proof of Concept attack from the Checkpoint research "NTLM Credentials Theft via PDF Files"
  ☆29May 1, 2018Updated 7 years ago
• mpgn / BackupOperatorToDA

  View on GitHub
  From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller
  ☆439Jan 4, 2025Updated last year
• daddycocoaman / azbelt

  View on GitHub
  AAD related enumeration in Nim
  ☆132Sep 7, 2023Updated 2 years ago
• securisec / cliam

  View on GitHub
  Cloud agnostic IAM permissions enumerator
  ☆161Apr 10, 2025Updated 10 months ago
• Flangvik / TeamFiltration

  View on GitHub
  TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
  ☆1,369Oct 22, 2025Updated 3 months ago
• jsecu / ElevatedEvents

  View on GitHub
  ☆30Nov 7, 2022Updated 3 years ago
• nickvourd / COM-Hunter

  View on GitHub
  COM Hijacking VOODOO
  ☆376Nov 27, 2025Updated 2 months ago
• outflanknl / C2-Tool-Collection

  View on GitHub
  A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…
  ☆1,364Oct 27, 2023Updated 2 years ago
• BeetleChunks / SpoolSploit

  View on GitHub
  A collection of Windows print spooler exploits containerized with other utilities for practical exploitation.
  ☆551Jul 16, 2021Updated 4 years ago
• zblurx / acltoolkit

  View on GitHub
  ACL abuse swiss-knife
  ☆127Feb 3, 2023Updated 3 years ago
• blacklanternsecurity / offensive-azure

  View on GitHub
  Collection of offensive tools targeting Microsoft Azure
  ☆217Jan 18, 2023Updated 3 years ago