Alternatives and similar repositories for Invoke-RDPThief

Users that are interested in Invoke-RDPThief are comparing it to the libraries listed below

• synacktiv / CVE-2024-43468
  ☆94Updated last year
• m4lwhere / profilehound
  ProfileHound - BloodHound OpenGraph collector for user profiles stored on domain machines. Make informed decisions about looting secrets …
  ☆149Updated last month
• Thunter-HackTeam / EvilentCoerce
  ☆159Updated 9 months ago
• Leo4j / Invoke-SMBRemoting
  Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement
  ☆181Updated 8 months ago
• The-Viper-One / Invoke-PassTheCert
  Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel
  ☆59Updated 9 months ago
• rubenformation / ms-photos_NTLM_Leak
  New 0 day vulnerability allowing to leak NTLM hashes from browsers with one click
  ☆206Updated 2 months ago
• monsieurPale / BreakFAST
  Proof of concept for Kerberos Armoring abuse.
  ☆77Updated last month
• cisagov / snafflepy
  Snaffler reimplementation in Python - https://github.com/SnaffCon/Snaffler
  ☆119Updated 6 months ago
• OleFredrik1 / remoteKrbRelayx
  A tool for coercing and relaying Kerberos authentication over DCOM and RPC.
  ☆146Updated 6 months ago
• andrecrafts / Bloodhound-query-legacy2ce
  A Python based tool to convert custom queries from Legacy BloodHound to BloodHound CE format, with the option to directly upload them to …
  ☆34Updated 4 months ago
• 7hePr0fess0r / ADCSDevilCOM
  A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA …
  ☆163Updated 3 months ago
• t3hbb / PanGP_Extractor
  Tool to extract username and password of current user from PanGPA in plaintext
  ☆89Updated last year
• jarnovandenbrink / getSPNless
  Python tool to automatically perform SPN-less RBCD attacks.
  ☆114Updated last month
• duhirsch / MoveEdr
  Permanently disable EDRs as local admin
  ☆125Updated last month
• cybrly / badsuccessor
  ☆120Updated 8 months ago
• Shac0x / Wonka
  Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but fo…
  ☆162Updated 3 months ago
• p4p1 / havoc-ligolo
  A Havoc UI tool to pivot onto a machine using ligolo-ng
  ☆50Updated 2 years ago
• Offensive-Panda / LsassReflectDumping
  This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…
  ☆213Updated last year
• nullsection / chisel-ng
  Chisel new generation, written in rust. SSH under WSS with some customization.
  ☆124Updated 2 weeks ago
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆102Updated 9 months ago
• 0xedh / dumpguard_bof
  Beacon Object File (BOF) port of DumpGuard for extracting NTLMv1 hashes from sessions on modern Windows systems.
  ☆205Updated last month
• logangoins / Stifle
  .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS
  ☆150Updated 11 months ago
• 0xb11a1 / sliver_extension_uac_bypass_cmstp
  Sliver extension to bypass UAC via cmstp written in rust
  ☆35Updated last year
• CICADA8-Research / Penetration
  Our Tips&Tricks
  ☆128Updated 11 months ago
• gsmith257-cyber / better-sliver
  Adversary Emulation Framework
  ☆129Updated 7 months ago
• sud0Ru / NauthNRPC
  Enumerate Domain Users Without Authentication
  ☆281Updated 9 months ago
• secorizon / MSFinger
  Microsoft Network Service Fingerprinting Tool
  ☆65Updated last month
• decoder-it / printerbugnew
  The DCERPC only printerbug.py version
  ☆200Updated 3 months ago
• matro7sh / matro7sh_loaders
  this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)
  ☆83Updated 2 years ago
• rtecCyberSec / RAITrigger
  Local SYSTEM auth trigger for relaying
  ☆168Updated 6 months ago