Alternatives and similar repositories for ntlm_relay_gat

Users that are interested in ntlm_relay_gat are comparing it to the libraries listed below

• itaymigdal / LOLSpoof

  View on GitHub
  An interactive shell to spoof some LOLBins command line
  ☆188Jan 27, 2024Updated 2 years ago
• mlcsec / proctools

  View on GitHub
  Small toolkit for extracting information and dumping sensitive strings from Windows processes
  ☆116Jul 17, 2024Updated last year
• decoder-it / DFSCoerce-exe-2

  View on GitHub
  DFSCoerce exe revisited version with custom authentication
  ☆42Jan 13, 2024Updated 2 years ago
• synacktiv / GPOddity

  View on GitHub
  The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).
  ☆358Dec 13, 2025Updated 2 months ago
• Slowerzs / ThievingFox

  View on GitHub
  ☆567Mar 28, 2024Updated last year
• p0dalirius / pyLDAPWordlistHarvester

  View on GitHub
  A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.
  ☆372Sep 29, 2025Updated 4 months ago
• sokaRepo / CoercedPotatoRDLL

  View on GitHub
  Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege
  ☆224Nov 23, 2023Updated 2 years ago
• FalconForceTeam / SOAPHound

  View on GitHub
  SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…
  ☆859Feb 3, 2024Updated 2 years ago
• CICADA8-Research / RemoteKrbRelay

  View on GitHub
  Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
  ☆637May 8, 2025Updated 9 months ago
• jfjallid / go-secdump

  View on GitHub
  Tool to remotely dump secrets from the Windows registry
  ☆522Nov 18, 2025Updated 2 months ago
• MWR-CyberSec / AD-CS-Forest-Exploiter

  View on GitHub
  Exploit AD CS misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise
  ☆126Dec 2, 2023Updated 2 years ago
• grimlockx / ADCSKiller

  View on GitHub
  An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
  ☆738May 19, 2023Updated 2 years ago
• fin3ss3g0d / NativeThreadpool

  View on GitHub
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆88Feb 11, 2024Updated 2 years ago
• Malcrove / SeamlessPass

  View on GitHub
  A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO
  ☆232Aug 25, 2024Updated last year
• huntandhackett / PassiveAggression

  View on GitHub
  Source code and examples for PassiveAggression
  ☆64Jun 6, 2024Updated last year
• decoder-it / ADCSCoercePotato

  View on GitHub
  ☆242May 5, 2024Updated last year
• RePRGM / Nimperiments

  View on GitHub
  Various one-off pentesting projects written in Nim. Updates happen on a whim.
  ☆162Jul 14, 2025Updated 7 months ago
• logangoins / Cable

  View on GitHub
  .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation
  ☆400Jul 23, 2025Updated 6 months ago
• JPG0mez / ADCSync

  View on GitHub
  Use ESC1 to perform a makeshift DCSync and dump hashes
  ☆210Nov 2, 2023Updated 2 years ago
• ricardojoserf / NativeDump

  View on GitHub
  Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
  ☆698May 7, 2025Updated 9 months ago
• CyberSecurityN00b / shellfeck

  View on GitHub
  A BrainF*ck Inspired Shell Obfuscation Proof-of-Concept
  ☆16Mar 11, 2024Updated last year
• danti1988 / adcshunter

  View on GitHub
  Uses rpcdump to locate the ADCS server, and identify if ESC8 is vulnerable from unauthenticated perspective.
  ☆82Sep 13, 2024Updated last year
• synacktiv / SCCMSecrets

  View on GitHub
  SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.
  ☆260Nov 22, 2025Updated 2 months ago
• icyguider / UAC-BOF-Bonanza

  View on GitHub
  Collection of UAC Bypass Techniques Weaponized as BOFs
  ☆603Feb 21, 2024Updated last year
• decoder-it / TokenStealer

  View on GitHub
  ☆162Oct 25, 2023Updated 2 years ago
• dmcxblue / SharpGhostTask

  View on GitHub
  A C# port from Invoke-GhostTask
  ☆119Jan 5, 2024Updated 2 years ago
• foxlox / GIUDA

  View on GitHub
  Ask a TGS on behalf of another user without password
  ☆482Mar 30, 2025Updated 10 months ago
• ricardojoserf / TrickDump

  View on GitHub
  Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
  ☆536May 9, 2025Updated 9 months ago
• zblurx / certsync

  View on GitHub
  Dump NTDS with golden certificates and UnPAC the hash
  ☆647Mar 20, 2024Updated last year
• mlcsec / EDRenum-BOF

  View on GitHub
  Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
  ☆128Oct 4, 2024Updated last year
• LuemmelSec / APEX

  View on GitHub
  Azure Post Exploitation Framework
  ☆244Oct 27, 2025Updated 3 months ago
• Xre0uS / MultiDump

  View on GitHub
  MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
  ☆537Nov 14, 2025Updated 3 months ago
• florylsk / ExecIT

  View on GitHub
  Execute shellcode files with rundll32
  ☆216Jan 28, 2024Updated 2 years ago
• redrays-io / SAP-Penetration-Testing

  View on GitHub
  SAP Penetration Testing: A Comprehensive Analysis of SAP Security Issues
  ☆40Nov 23, 2023Updated 2 years ago
• wh0amitz / S4UTomato

  View on GitHub
  Escalate Service Account To LocalSystem via Kerberos
  ☆402Sep 14, 2023Updated 2 years ago
• trustedsec / orpheus

  View on GitHub
  Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types
  ☆411Mar 21, 2025Updated 10 months ago
• login-securite / conpass

  View on GitHub
  Continuous password spraying tool
  ☆201Dec 4, 2025Updated 2 months ago
• MalwareTech / EDR-Preloader

  View on GitHub
  An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
  ☆539Feb 13, 2024Updated 2 years ago
• mertdas / SharpLateral

  View on GitHub
  Lateral Movement
  ☆125Nov 14, 2023Updated 2 years ago