Alternatives and similar repositories for Invoke-RDPThief

Users that are interested in Invoke-RDPThief are comparing it to the libraries listed below

• Thunter-HackTeam / EvilentCoerce
  ☆157Updated 8 months ago
• synacktiv / CVE-2024-43468
  ☆94Updated last year
• rubenformation / ms-photos_NTLM_Leak
  New 0 day vulnerability allowing to leak NTLM hashes from browsers with one click
  ☆183Updated 2 months ago
• The-Viper-One / Invoke-PassTheCert
  Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel
  ☆59Updated 9 months ago
• m4lwhere / profilehound
  ProfileHound - BloodHound OpenGraph collector for user profiles stored on domain machines. Make informed decisions about looting secrets …
  ☆132Updated 2 weeks ago
• cisagov / snafflepy
  Snaffler reimplementation in Python - https://github.com/SnaffCon/Snaffler
  ☆116Updated 6 months ago
• Leo4j / Invoke-SMBRemoting
  Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement
  ☆180Updated 8 months ago
• jarnovandenbrink / getSPNless
  Python tool to automatically perform SPN-less RBCD attacks.
  ☆99Updated last week
• OleFredrik1 / remoteKrbRelayx
  A tool for coercing and relaying Kerberos authentication over DCOM and RPC.
  ☆145Updated 6 months ago
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆101Updated 8 months ago
• synacktiv / OUned
  The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning
  ☆153Updated 2 months ago
• andrecrafts / Bloodhound-query-legacy2ce
  A Python based tool to convert custom queries from Legacy BloodHound to BloodHound CE format, with the option to directly upload them to …
  ☆34Updated 3 months ago
• Shac0x / Wonka
  Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but fo…
  ☆160Updated 2 months ago
• duhirsch / MoveEdr
  Permanently disable EDRs as local admin
  ☆124Updated last month
• monsieurPale / BreakFAST
  Proof of concept for Kerberos Armoring abuse.
  ☆56Updated last month
• 7hePr0fess0r / ADCSDevilCOM
  A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA …
  ☆163Updated 2 months ago
• 0xedh / dumpguard_bof
  Beacon Object File (BOF) port of DumpGuard for extracting NTLMv1 hashes from sessions on modern Windows systems.
  ☆189Updated 2 weeks ago
• cybrly / badsuccessor
  ☆120Updated 7 months ago
• OtterHacker / AWSRedirector
  ☆57Updated 11 months ago
• inb1ts / CSSHide
  Encodes a payload within a generated mock-CSS file
  ☆59Updated 2 years ago
• logangoins / Stifle
  .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS
  ☆150Updated 11 months ago
• gsmith257-cyber / better-sliver
  Adversary Emulation Framework
  ☆129Updated 6 months ago
• t3hbb / PanGP_Extractor
  Tool to extract username and password of current user from PanGPA in plaintext
  ☆88Updated last year
• Maldev-Academy / ElectronVulnScanner
  Automatically scan the file system to identify Electron applications vulnerable to ASAR tampering.
  ☆147Updated last month
• amauricio / junkshell
  ☆75Updated 10 months ago
• sud0Ru / NauthNRPC
  Enumerate Domain Users Without Authentication
  ☆281Updated 8 months ago
• ad0nis / ntlm_relay_gat
  ☆165Updated last year
• Offensive-Panda / LsassReflectDumping
  This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…
  ☆213Updated last year
• decoder-it / printerbugnew
  The DCERPC only printerbug.py version
  ☆187Updated 2 months ago
• SpecterOps / cred1py
  A Python POC for CRED1 over SOCKS5
  ☆162Updated last year