Alternatives and similar repositories for PME-Scripts

Users that are interested in PME-Scripts are comparing it to the libraries listed below

• grayhatkiller / SharpExShell
  SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.
  ☆70Updated last year
• Leo4j / PowerDACL
  A tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs)
  ☆57Updated this week
• CultCornholio / RedTeamTP
  ☆64Updated 3 weeks ago
• slygoo / pssrecon
  ☆22Updated 7 months ago
• sud0Ru / NauthNRPC
  Enumerate Domain Users Without Authentication
  ☆34Updated last month
• netero1010 / SCCMVNC
  A tool to modify SCCM remote control settings on the client machine, enabling remote control without permission prompts or notifications.…
  ☆92Updated 7 months ago
• SaadAhla / APTmulate
  This repository focuses on replicating the behavioral patterns observed in well-documented APT campaigns.
  ☆11Updated 3 weeks ago
• OtterHacker / AWSRedirector
  ☆55Updated 3 months ago
• Octoberfest7 / Cohab_Processes
  A small Aggressor script to help Red Teams identify foreign processes on a host machine
  ☆85Updated 2 years ago
• X-C3LL / SharpNTLMRawUnHide
  C# version of NTLMRawUnHide
  ☆72Updated 2 years ago
• HulkOperator / AuthStager
  ☆55Updated 7 months ago
• Shrfnt77 / AmsiBypass
  Bypassing Amsi using LdrLoadDll
  ☆44Updated 4 months ago
• Tylous / Ivy
  Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …
  ☆21Updated 2 years ago
• eversinc33 / SharpStartWebclient
  Programmatically start WebClient from an unprivileged session to enable that juicy privesc.
  ☆74Updated 2 years ago
• jfjallid / go-lsass
  Tool to aid in dumping LSASS process remotely
  ☆39Updated 10 months ago
• rasta-mouse / SpawnWith
  ☆107Updated 3 months ago
• skelsec / adiskreader-secretsdump
  Extract registry and NTDS secrets from local or remote disk images
  ☆43Updated 2 months ago
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆38Updated 10 months ago
• mgeeky / msi-shenanigans
  Proof of Concept code and samples presenting emerging threat of MSI installer files.
  ☆83Updated 2 years ago
• Leo4j / PPLKiller
  Tool to bypass LSA Protection (aka Protected Process Light)
  ☆53Updated 5 months ago
• Helixo32 / GetSystem-LCI
  GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal…
  ☆34Updated 6 months ago
• deepinstinct / AMSI-Unchained
  Unchain AMSI by patching the provider’s unmonitored memory space
  ☆90Updated 2 years ago
• myexploit / living_off_the_land
  ☆44Updated 11 months ago
• nickvourd / Rocabella
  Sniffing files generator
  ☆58Updated 3 months ago
• casp3r0x0 / LoaderGate
  a C# implementation for a shellcode loader that capable to bypass Cortex XDR and Sophos EDR.
  ☆30Updated 2 weeks ago
• yehia-mamdouh / Lsassx
  Dumping LSASS Evaded Endpoint Security Solutions
  ☆13Updated 3 months ago
• nickvourd / GetWebDAVStatus
  Determine if the WebClient Service (WebDAV) is running on a remote system
  ☆19Updated last year
• redskal / SharpAzbelt
  .NET port of Leron Gray's azbelt tool.
  ☆26Updated last year
• weaselsec / ClickOnce-AppDomain-Manager-Injection
  Click Once + App Domain
  ☆62Updated last year
• TheManticoreProject / winacl
  A cross platform Go library to work with Windows Security Descriptors
  ☆34Updated this week