Living off the land searches for explorer and sharepoint
☆93Dec 7, 2025Updated 2 months ago
Alternatives and similar repositories for LOLSearches
Users that are interested in LOLSearches are comparing it to the libraries listed below
Sorting:
- A tool to modify SCCM remote control settings on the client machine, enabling remote control without permission prompts or notifications.…☆116Oct 20, 2024Updated last year
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆23Nov 23, 2022Updated 3 years ago
- MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.☆336Aug 7, 2024Updated last year
- Custom Amsi Bypass by patching AmsiOpenSession function in amsi.dll☆50Jun 16, 2025Updated 8 months ago
- Brute Ratel External C2 (Microsoft Teams)☆38Dec 11, 2024Updated last year
- ☆117Jun 17, 2025Updated 8 months ago
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆275Dec 27, 2024Updated last year
- Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …☆230Oct 6, 2024Updated last year
- Abusing Azure services over C2☆367Jan 20, 2026Updated last month
- ForsHops☆152Mar 25, 2025Updated 11 months ago
- A collection of tools Neil and Andy have been working on released in one place and interlinked with previous tools☆86Jul 12, 2023Updated 2 years ago
- Azure Post Exploitation Framework☆244Oct 27, 2025Updated 4 months ago
- Deobfuscation of XorStringsNet☆14Nov 5, 2024Updated last year
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO☆237Aug 25, 2024Updated last year
- Some Rust program I wrote while learning Malware Development☆158Feb 4, 2025Updated last year
- ☆40Oct 8, 2024Updated last year
- A tool that allows you to extract a client-specific wordlist from the LDAP of an Active Directory.☆58Jul 2, 2025Updated 8 months ago
- Group Policy Objects manipulation and exploitation framework☆292Dec 7, 2025Updated 2 months ago
- Your template-based BloodHound terminal companion tool☆447Jan 21, 2026Updated last month
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆345Nov 19, 2024Updated last year
- Terminate AV/EDR leveraging BYOVD attack☆104Mar 21, 2025Updated 11 months ago
- Remotely Enumerate sessions using undocumented Windows Station APIs☆117Aug 21, 2024Updated last year
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆382Dec 13, 2024Updated last year
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆862Feb 3, 2024Updated 2 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆219Jul 14, 2021Updated 4 years ago
- e(X)tensiable (Rust) Malware Toolkit: (Soon!) Full Featured Rust C2 Framework with Awesome Features!☆28Aug 19, 2024Updated last year
- C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic☆144Feb 23, 2022Updated 4 years ago
- The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…☆172Sep 3, 2025Updated 6 months ago
- Dump Citrix Secure Access auth cookie from the process memory☆76Jun 24, 2022Updated 3 years ago
- ☆160Jan 27, 2025Updated last year
- msuserstats is a comprehensive Powershell tool to manage accounts from Microsoft Entra ID and Active Directory. It supports: a unified vi…☆43Mar 13, 2025Updated 11 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.☆172May 13, 2024Updated last year
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆637May 8, 2025Updated 9 months ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆258May 10, 2023Updated 2 years ago
- BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR☆75Feb 9, 2024Updated 2 years ago
- ☆107Jan 4, 2023Updated 3 years ago
- A set of programs for analyzing common vulnerabilities in COM☆248Sep 8, 2024Updated last year
- Abuse leaked token handles.☆136Dec 14, 2023Updated 2 years ago