Alternatives and similar repositories for WMIExec:

Users that are interested in WMIExec are comparing it to the libraries listed below

• MzHmO / TGSThief
  My implementation of the GIUDA project in C++
  ☆183Updated last year
• zblurx / acltoolkit
  ACL abuse swiss-knife
  ☆123Updated 2 years ago
• sfewer-r7 / CVE-2023-27532
  Exploit for CVE-2023-27532 against Veeam Backup & Replication
  ☆110Updated 2 years ago
• slemire / WSPCoerce
  PoC to coerce authentication from Windows hosts using MS-WSP
  ☆236Updated last year
• dmcxblue / SharpGhostTask
  A C# port from Invoke-GhostTask
  ☆114Updated last year
• decoder-it / ADCSCoercePotato
  ☆224Updated last year
• JPG0mez / ADCSync
  Use ESC1 to perform a makeshift DCSync and dump hashes
  ☆207Updated last year
• Diverto / IPPrintC2
  PoC for using MS Windows printers for persistence / command and control via Internet Printing
  ☆148Updated last year
• p0dalirius / MSSQL-Analysis-Coerce
  A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.
  ☆129Updated last year
• improsec / BackupOperatorToolkit
  The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin
  ☆174Updated 2 years ago
• Luct0r / KerberOPSEC
  OPSEC safe Kerberoasting in C#
  ☆191Updated 2 years ago
• trustedsec / DitExplorer
  Tool for viewing NTDS.dit
  ☆161Updated last month
• SaadAhla / GithubC2
  Github as C2 Demonstration , free API = free C2 Infrastructure
  ☆137Updated last year
• powerseb / PowerExtract
  ☆117Updated last month
• nettitude / ETWHash
  C# POC to extract NetNTLMv1/v2 hashes from ETW provider
  ☆256Updated 2 years ago
• CodeXTF2 / cobaltstrike-headless
  Aggressorscript that turns the headless aggressor client into a (mostly) functional cobalt strike client.
  ☆149Updated 2 years ago
• RedSiege / AutoFunkt
  Python script for automating the creation of serverless cloud redirectors from Cobalt Strike malleable C2 profiles
  ☆197Updated 10 months ago
• Offensive-Panda / LsassReflectDumping
  This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…
  ☆199Updated 6 months ago
• MzHmO / psexec_noinstall
  Repository contains psexec, which will help to exploit the forgotten pipe
  ☆169Updated 6 months ago
• mertdas / SharpLateral
  Lateral Movement
  ☆123Updated last year
• MzHmO / NtlmThief
  Extracting NetNTLM without touching lsass.exe
  ☆235Updated last year
• florylsk / SignatureGate
  Weaponized HellsGate/SigFlip
  ☆199Updated last year
• LuemmelSec / ntlmrelayx.py_to_exe
  ☆86Updated last year
• G0ldenGunSec / GetWebDAVStatus
  Determine if the WebClient Service (WebDAV) is running on a remote system
  ☆137Updated last year
• zyn3rgy / smbtakeover
  BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
  ☆300Updated 5 months ago
• 0xsp-SRD / MDE_Enum
  comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
  ☆198Updated 11 months ago
• cybersectroll / TrollAMSI
  ☆172Updated 6 months ago
• xpn / RandomTSScripts
  Collection of random RedTeam scripts.
  ☆204Updated last year
• som3canadian / Cloudflare-Redirector
  Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.
  ☆158Updated last month
• praetorian-inc / ADFSRelay
  Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS
  ☆184Updated 2 years ago