Alternatives and similar repositories for GPOwned

Users that are interested in GPOwned are comparing it to the libraries listed below

• G0ldenGunSec / GetWebDAVStatus
  Determine if the WebClient Service (WebDAV) is running on a remote system
  ☆137Updated last year
• bitsadmin / chophound
  Some scripts to support with importing large datasets into BloodHound
  ☆80Updated last year
• Qazeer / OffensivePythonPipeline
  Static standalone binaries for Linux and Windows (x64) of Python offensive tools. Compiled using PyInstaller, Docker for Windows, WSL2, a…
  ☆101Updated 2 years ago
• garrettfoster13 / aced
  ☆159Updated 6 months ago
• csandker / pxethiefy
  ☆57Updated 3 months ago
• horizon3ai / backup_dc_registry
  A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY
  ☆83Updated 3 years ago
• slemire / WSPCoerce
  PoC to coerce authentication from Windows hosts using MS-WSP
  ☆236Updated last year
• nettitude / ETWHash
  C# POC to extract NetNTLMv1/v2 hashes from ETW provider
  ☆256Updated 2 years ago
• n00py / GetFGPP
  Get Fine Grained Password Policy
  ☆70Updated last month
• cube0x0 / LdapSignCheck
  Beacon Object File & C# project to check LDAP signing
  ☆189Updated 9 months ago
• daem0nc0re / Abusing_Weak_ACL_on_Certificate_Templates
  Investigation about ACL abusing for Active Directory Certificate Services (AD CS)
  ☆122Updated 3 years ago
• Crypt0s / DelegationBOF
  ☆141Updated 3 years ago
• SolomonSklash / RubeusToCcache
  A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket
  ☆55Updated 5 years ago
• hrtywhy / BOF-CobaltStrike
  Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.
  ☆108Updated 2 years ago
• xpn / sccmwtf
  ☆151Updated 3 months ago
• Kevin-Robertson / Sharpmad
  C# version of Powermad
  ☆165Updated last year
• jazzpizazz / BloodHound.py-Kerberos
  A Python based ingestor for BloodHound
  ☆84Updated 2 years ago
• Wh04m1001 / DiagTrackEoP
  ☆88Updated 2 years ago
• fortalice / modifyCertTemplate
  ADCS cert template modification and ACL enumeration
  ☆136Updated last year
• mlcsec / SharpSQL
  Simple C# implementation of PowerUpSQL
  ☆95Updated 10 months ago
• powerseb / PowerExtract
  ☆117Updated last month
• bashexplode / cs2webconfig
  Convert Cobalt Strike profiles to IIS web.config files
  ☆112Updated 3 years ago
• eversinc33 / SharpStartWebclient
  Programmatically start WebClient from an unprivileged session to enable that juicy privesc.
  ☆74Updated 2 years ago
• improsec / BackupOperatorToolkit
  The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin
  ☆174Updated 2 years ago
• 0xthirteen / AssemblyHunter
  Find .net assemblies locally
  ☆113Updated 2 years ago
• Luct0r / KerberOPSEC
  OPSEC safe Kerberoasting in C#
  ☆191Updated 2 years ago
• p0dalirius / MSSQL-Analysis-Coerce
  A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.
  ☆129Updated last year
• Cobalt-Strike / ElevateKit
  The Elevate Kit demonstrates how to use third-party privilege escalation attacks with Cobalt Strike's Beacon payload.
  ☆120Updated 4 years ago
• 0xe7 / RoastInTheMiddle
  ☆71Updated last year
• EspressoCake / DLL-Hijack-Search-Order-BOF
  DLL Hijack Search Order Enumeration BOF
  ☆147Updated 3 years ago