Alternatives and similar repositories for rifiuti2

Users that are interested in rifiuti2 are comparing it to the libraries listed below

• yanncam / exe2powershell
  exe2powershell - exe2bat reborn for modern Windows
  ☆171Updated 4 years ago
• jschicht / UsnJrnl2Csv
  Parser for $UsnJrnl on NTFS
  ☆111Updated 2 years ago
• csababarta / ntdsxtract
  Active Directory forensic framework
  ☆326Updated 3 years ago
• sud0woodo / DCOMrade
  Powershell script for enumerating vulnerable DCOM Applications
  ☆260Updated 6 years ago
• r4wd3r / RID-Hijacking
  Windows RID Hijacking persistence technique
  ☆174Updated 7 months ago
• gleeda / memtriage
  Allows you to quickly query a Windows machine for RAM artifacts
  ☆221Updated 4 years ago
• silascutler / LnkParse
  Windows Shortcut file (LNK) parser
  ☆135Updated 2 years ago
• anthemtotheego / SharpExec
  ☆347Updated 3 years ago
• fox-it / danderspritz-evtx
  Parse evtx files and detect use of the DanderSpritz eventlogedit module
  ☆148Updated 7 years ago
• trustedsec / tscopy
  ☆91Updated 3 years ago
• sailay1996 / UAC_bypass_windows_store
  Windows 10 LPE (UAC Bypass) in Windows Store (WSReset.exe)
  ☆266Updated 5 years ago
• ionescu007 / faxhell
  A Bind Shell Using the Fax Service and a DLL Hijack
  ☆331Updated 5 years ago
• travisfoley / dfirtriage
  Digital forensic acquisition tool for Windows based incident response.
  ☆342Updated last year
• Cn33liz / MSBuildShell
  MSBuildShell, a Powershell Host running within MSBuild.exe
  ☆288Updated 5 years ago
• 3gstudent / Eventlogedit-evtx--Evolution
  Remove individual lines from Windows XML Event Log (EVTX) files
  ☆270Updated 4 years ago
• ionescu007 / PrintDemon
  PrintDemon is a PoC for a series of issues in the Windows Print Spooler service, as well as potetial misuses of the functionality.
  ☆202Updated 5 years ago
• returnvar / wce
  Windows Credentials Editor v1.3beta
  ☆110Updated 5 years ago
• mattifestation / WMI_Backdoor
  A PoC WMI backdoor presented at Black Hat 2015
  ☆273Updated 9 years ago
• RomanEmelyanov / CobaltStrikeForensic
  Toolset for research malware and Cobalt Strike beacons
  ☆211Updated 3 months ago
• EricZimmerman / LECmd
  Lnk Explorer Command line edition!!
  ☆310Updated 5 months ago
• jschicht / RawCopy
  Commandline low level file extractor for NTFS
  ☆290Updated 5 years ago
• outflanknl / NetshHelperBeacon
  Example DLL to load from Windows NetShell
  ☆180Updated 8 years ago
• kavika13 / RemCom
  Remote Command Executor: A OSS replacement for PsExec and RunAs - or Telnet without having to install a server. Take your pick :)
  ☆351Updated 7 years ago
• mubix / netview
  Netview enumerates systems using WinAPI calls
  ☆295Updated 3 years ago
• jschicht / LogFileParser
  Parser for $LogFile on NTFS
  ☆196Updated 3 weeks ago
• huntresslabs / evading-autoruns
  Slides and reference material from Evading Autoruns presentation at DerbyCon 7 (September 2017)
  ☆104Updated 4 years ago
• netwrix / poshkatz
  PowerShell module for Mimikatz
  ☆212Updated 5 years ago
• MagnetForensics / Hibr2Bin
  Comae Hibernation File Decompressor
  ☆150Updated 2 years ago
• mandiant / OfficePurge
  ☆260Updated 2 years ago
• BC-SECURITY / Invoke-PrintDemon
  This is a PowerShell Empire launcher PoC using PrintDemon and Faxhell.
  ☆202Updated 4 years ago