Alternatives and similar repositories for rifiuti2

Users that are interested in rifiuti2 are comparing it to the libraries listed below

• jschicht / UsnJrnl2Csv
  Parser for $UsnJrnl on NTFS
  ☆111Updated 2 years ago
• yanncam / exe2powershell
  exe2powershell - exe2bat reborn for modern Windows
  ☆172Updated 4 years ago
• returnvar / wce
  Windows Credentials Editor v1.3beta
  ☆109Updated 5 years ago
• jschicht / RawCopy
  Commandline low level file extractor for NTFS
  ☆287Updated 5 years ago
• silascutler / LnkParse
  Windows Shortcut file (LNK) parser
  ☆134Updated 2 years ago
• RomanEmelyanov / CobaltStrikeForensic
  Toolset for research malware and Cobalt Strike beacons
  ☆211Updated 2 months ago
• gleeda / memtriage
  Allows you to quickly query a Windows machine for RAM artifacts
  ☆221Updated 4 years ago
• sud0woodo / DCOMrade
  Powershell script for enumerating vulnerable DCOM Applications
  ☆258Updated 6 years ago
• deadjakk / patch-checker
  Web-based check for Windows privesc vulnerabilities
  ☆139Updated 2 years ago
• williballenthin / shellbags
  Cross-platform, open-source shellbag parser
  ☆149Updated 2 years ago
• trustedsec / tscopy
  ☆91Updated 2 years ago
• jschicht / ExtractUsnJrnl
  Tool to extract the $UsnJrnl from an NTFS volume
  ☆106Updated 5 years ago
• fox-it / danderspritz-evtx
  Parse evtx files and detect use of the DanderSpritz eventlogedit module
  ☆148Updated 7 years ago
• mubix / netview
  Netview enumerates systems using WinAPI calls
  ☆295Updated 3 years ago
• decalage2 / oledump-contrib
  The oledump-contrib repository contains plugins and enhancements for the oledump tool published by Didier Stevens.
  ☆54Updated 9 years ago
• dfirfpi / dpapilab
  Windows DPAPI laboratory
  ☆91Updated 7 years ago
• quarkslab / quarkspwdump
  Dump various types of Windows credentials without injecting in any process.
  ☆424Updated 2 years ago
• r4wd3r / RID-Hijacking
  Windows RID Hijacking persistence technique
  ☆174Updated 6 months ago
• kavika13 / RemCom
  Remote Command Executor: A OSS replacement for PsExec and RunAs - or Telnet without having to install a server. Take your pick :)
  ☆348Updated 7 years ago
• travisfoley / dfirtriage
  Digital forensic acquisition tool for Windows based incident response.
  ☆341Updated last year
• anthemtotheego / SharpExec
  ☆347Updated 3 years ago
• rogue-kdc / CVE-2019-0841
  PoC code for CVE-2019-0841 Privilege Escalation vulnerability
  ☆240Updated 6 years ago
• jschicht / LogFileParser
  Parser for $LogFile on NTFS
  ☆196Updated this week
• HarmJ0y / pylnker
  This is a Python port of lnk-parse-1.0, a tool to parse Windows .lnk files.
  ☆77Updated 2 years ago
• sailay1996 / Fileless_UAC_bypass_WSReset
  I created the python script to bypass UAC to get system shell .
  ☆122Updated 5 years ago
• BC-SECURITY / Invoke-PrintDemon
  This is a PowerShell Empire launcher PoC using PrintDemon and Faxhell.
  ☆202Updated 4 years ago
• ionescu007 / faxhell
  A Bind Shell Using the Fax Service and a DLL Hijack
  ☆331Updated 5 years ago
• Viralmaniar / HiveJack
  This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to …
  ☆109Updated 5 years ago
• ionescu007 / PrintDemon
  PrintDemon is a PoC for a series of issues in the Windows Print Spooler service, as well as potetial misuses of the functionality.
  ☆201Updated 5 years ago
• cyberark / ketshash
  A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs.
  ☆170Updated 3 months ago