Alternatives and similar repositories for AD-hack-tools

Users that are interested in AD-hack-tools are comparing it to the libraries listed below

• Cyb3rDudu / SliverLoader
  A PoC to deploy a Sliver Agent with amsi bypass, process injection, hollowing and OpSec
  ☆26Updated last year
• Leo4j / Invoke-SessionHunter
  Retrieve and display information about active user sessions on remote computers. No admin privileges required.
  ☆199Updated last year
• chebuya / Havoc-C2-SSRF-poc
  CVE-2024-41570: Havoc C2 0.7 Teamserver SSRF exploit
  ☆74Updated last year
• adityatelange / evil-winrm-py
  Execute commands interactively on remote Windows machines using the WinRM protocol
  ☆295Updated last month
• JPG0mez / ADCSync
  Use ESC1 to perform a makeshift DCSync and dump hashes
  ☆209Updated 2 years ago
• xct / SeManageVolumeAbuse
  SeManageVolumePrivilege to SYSTEM
  ☆140Updated 2 years ago
• arth0sz / Practice-AD-CS-Domain-Escalation
  Introductory guide on the configuration and subsequent exploitation of Active Directory Certificate Services with Certipy. Based on the w…
  ☆138Updated 2 years ago
• CsEnox / EventViewer-UACBypass
  🍊 Orange Tsai EventViewer RCE
  ☆192Updated 3 years ago
• xct / rcat
  rcat
  ☆72Updated 3 years ago
• RedTeamPentesting / adauth
  Active Directory Authentication Library
  ☆85Updated last month
• xct / winssh
  ☆62Updated 2 years ago
• MzHmO / LeakedWallpaper
  Leak of any user's NetNTLM hash. Fixed in KB5040434
  ☆259Updated last year
• sliverarmory / C2-Tool-Collection
  A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…
  ☆17Updated last year
• t94j0 / adexplorersnapshot-rs
  ☆89Updated last week
• fanbyprinciple / bin2shellcode
  .bin file to shellcode convertor
  ☆39Updated last year
• xct / SeRestoreAbuse
  SeRestorePrivilege to SYSTEM
  ☆132Updated 4 years ago
• sud0Ru / NauthNRPC
  Enumerate Domain Users Without Authentication
  ☆278Updated 7 months ago
• ice-wzl / wmiexec2
  wmiexec2.0 is the same wmiexec that everyone knows and loves (debatable). This 2.0 version is obfuscated to avoid well known signatures …
  ☆45Updated 2 months ago
• Flangvik / ObfuscatedSharpCollection
  Attempt at Obfuscated version of SharpCollection
  ☆234Updated last month
• rweijnen / createdump
  Leverage WindowsApp createdump tool to obtain an lsass dump
  ☆153Updated last year
• Friends-Security / SharpExclusionFinder
  Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …
  ☆224Updated last year
• san6051 / TeamsCh-Shell
  ☆37Updated 8 months ago
• synacktiv / CVE-2024-43468
  ☆94Updated 11 months ago
• xct / SeDebugAbuse
  Get SYSTEM via SeDebugPrivilege
  ☆23Updated 3 years ago
• sensepost / susinternals
  psexecsvc - a python implementation of PSExec's native service implementation
  ☆226Updated 10 months ago
• ShutdownRepo / impacket
  Impacket is a collection of Python classes for working with network protocols.
  ☆76Updated last year
• V-i-x-x / SSL-AES-Reverse-Shell
  C++ Encrypted SSL/TLS REVERSE SHELL, designed to provide secure, encrypted communication between a compromised client and an attacker, wh…
  ☆113Updated 2 months ago
• ad0nis / ntlm_relay_gat
  ☆161Updated last year
• miko550 / CVE-2023-32315
  Openfire Console Authentication Bypass Vulnerability with RCE plugin
  ☆55Updated last year
• seriotonctf / AD-Tools
  List of some AD tools I frequently use
  ☆53Updated last month