Alternatives and similar repositories for GPOwned:

Users that are interested in GPOwned are comparing it to the libraries listed below

• daem0nc0re / Abusing_Weak_ACL_on_Certificate_Templates
  Investigation about ACL abusing for Active Directory Certificate Services (AD CS)
  ☆118Updated 3 years ago
• G0ldenGunSec / GetWebDAVStatus
  Determine if the WebClient Service (WebDAV) is running on a remote system
  ☆125Updated 10 months ago
• Crypt0s / DelegationBOF
  ☆138Updated 2 years ago
• mlcsec / ASRenum-BOF
  Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations
  ☆143Updated 10 months ago
• SolomonSklash / RubeusToCcache
  A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket
  ☆54Updated 4 years ago
• NotMedic / Invoke-Nanodump
  HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection
  ☆53Updated 2 years ago
• bitsadmin / chophound
  Some scripts to support with importing large datasets into BloodHound
  ☆79Updated last year
• praetorian-inc / ADFSRelay
  Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS
  ☆173Updated 2 years ago
• Qazeer / OffensivePythonPipeline
  Static standalone binaries for Linux and Windows (x64) of Python offensive tools. Compiled using PyInstaller, Docker for Windows, WSL2, a…
  ☆99Updated 2 years ago
• hrtywhy / BOF-CobaltStrike
  Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.
  ☆87Updated 2 years ago
• Wh04m1001 / DiagTrackEoP
  ☆89Updated 2 years ago
• tothi / SharpStay
  .NET project for installing Persistence
  ☆64Updated 2 years ago
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆86Updated 2 years ago
• xforcered / Detect-Hooks
  Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR
  ☆98Updated 3 years ago
• EspressoCake / BeaconDownloadSync
  ☆92Updated 2 years ago
• fortalice / modifyCertTemplate
  ADCS cert template modification and ACL enumeration
  ☆130Updated last year
• S3cur3Th1sSh1t / NamedPipePTH
  Pass the Hash to a named pipe for token Impersonation
  ☆140Updated 3 years ago
• n00py / GetFGPP
  Get Fine Grained Password Policy
  ☆66Updated 8 months ago
• fortalice / pyldapsearch
  Tool for issuing manual LDAP queries which offers bofhound compatible output
  ☆51Updated 7 months ago
• ChoiSG / OneDriveUpdaterSideloading
  Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post
  ☆88Updated 2 years ago
• 0xe7 / RoastInTheMiddle
  ☆70Updated last year
• Octoberfest7 / Presentations
  Slide decks and/or materials from conference presentations
  ☆55Updated 2 years ago
• emcghee / PayloadAutomation
  ☆119Updated 2 years ago
• S4ntiagoP / donut
  Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…
  ☆111Updated last year
• checkymander / Carbuncle
  Tool for interacting with outlook interop during red team engagements
  ☆144Updated 3 years ago
• p0dalirius / MSSQL-Analysis-Coerce
  A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.
  ☆125Updated last year
• cube0x0 / LdapSignCheck
  Beacon Object File & C# project to check LDAP signing
  ☆180Updated 5 months ago
• rootSySdk / PowerGPOAbuse
  Powershell version of SharpGPOAbuse
  ☆70Updated 3 years ago
• horizon3ai / backup_dc_registry
  A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY
  ☆80Updated 2 years ago