Lightweight binary that joins a device to a Tailscale network and exposes a local SOCKS5 proxy. Designed for red team operations and ephemeral access into restricted environments using Tailscale’s embedded client (tsnet). Zero config, no daemon, no persistence - just a fast way in.
☆502Oct 3, 2025Updated 5 months ago
Alternatives and similar repositories for SockTail
Users that are interested in SockTail are comparing it to the libraries listed below
Sorting:
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆95Jul 3, 2025Updated 8 months ago
- ☆138Nov 17, 2025Updated 3 months ago
- A tool designed for smuggling interactive command and control traffic through legitimate TURN servers hosted by reputable providers such …☆397Aug 18, 2025Updated 6 months ago
- Rust implementation, creating a scheduled task programmatically with user logon trigger.☆47Jun 10, 2025Updated 8 months ago
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆275Dec 27, 2024Updated last year
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆92Jan 8, 2025Updated last year
- A BloodHound collector for Microsoft Configuration Manager☆392Jul 7, 2025Updated 8 months ago
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆382Dec 13, 2024Updated last year
- SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.☆309Feb 16, 2026Updated 2 weeks ago
- Windows protocol library, including SMB and RPC implementations, among others.☆674Jan 21, 2026Updated last month
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆285Jun 8, 2023Updated 2 years ago
- Dig your way out of networks like a Meerkat using SSH tunnels via ClickOnce.☆275May 2, 2025Updated 10 months ago
- The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments.☆460Feb 25, 2026Updated last week
- Seamless remote browser session control☆229Jan 28, 2026Updated last month
- CaptainCredz is a modular and discreet password-spraying tool.☆134Jul 22, 2025Updated 7 months ago
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆637May 8, 2025Updated 9 months ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆345Nov 19, 2024Updated last year
- A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Inte…☆1,314Nov 12, 2025Updated 3 months ago
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆399Jul 23, 2025Updated 7 months ago
- Using Chromium-based browsers as a proxy for C2 traffic.☆146Dec 6, 2025Updated 3 months ago
- Azure Post Exploitation Framework☆244Oct 27, 2025Updated 4 months ago
- Reaping treasures from strings in remote processes memory☆285Feb 8, 2025Updated last year
- gpoParser is a tool designed to extract and analyze configurations applied through Group Policy Objects (GPOs) in an Active Directory env…☆334Jan 14, 2026Updated last month
- Generate and Manage KeyCredentialLinks☆248Jan 30, 2026Updated last month
- Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.☆1,263Dec 9, 2025Updated 2 months ago
- GPOAnalyzer is a tool designed to assist in parsing domain Group Policy Object (GPO) files located in the SYSVOL directory.☆28Jun 14, 2024Updated last year
- Tools for analyzing EDR agents☆278Jun 10, 2024Updated last year
- Powerview on steroids☆875Feb 28, 2026Updated last week
- ☆381Oct 17, 2025Updated 4 months ago
- Sleep Obfuscation in Rust☆278Dec 1, 2025Updated 3 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆283Sep 18, 2024Updated last year
- Reflective shellcode loaderwith advanced call stack spoofing and .NET support.☆227Sep 19, 2025Updated 5 months ago
- BOF to decrypt Signal Desktop chat logs☆71Feb 20, 2025Updated last year
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆539May 9, 2025Updated 9 months ago
- Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible☆270Jun 18, 2025Updated 8 months ago
- A BOF that runs unmanaged PEs inline☆681Oct 23, 2024Updated last year
- Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.☆191Feb 16, 2026Updated 2 weeks ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆862Feb 3, 2024Updated 2 years ago