Alternatives and similar repositories for AD-hack-tools

Users that are interested in AD-hack-tools are comparing it to the libraries listed below

• chebuya / Havoc-C2-SSRF-poc
  CVE-2024-41570: Havoc C2 0.7 Teamserver SSRF exploit
  ☆74Updated last year
• Cyb3rDudu / SliverLoader
  A PoC to deploy a Sliver Agent with amsi bypass, process injection, hollowing and OpSec
  ☆26Updated last year
• MinoTauro2020 / RedTeam-CRTL-Certification
  ☆18Updated last year
• xct / SeManageVolumeAbuse
  SeManageVolumePrivilege to SYSTEM
  ☆142Updated 2 years ago
• xct / winssh
  ☆62Updated 2 years ago
• jalvarezz13 / Krb5RoastParser
  KrbRoastParser is a tool for parsing Kerberos packets from pcap files to extract AS-REQ, AS-REP and TGS-REP hashes
  ☆56Updated 4 months ago
• xct / rcat
  rcat
  ☆73Updated 3 years ago
• dievus / PowerShellRunner
  PowerShell runner for executing malicious payloads in order to bypass Windows Defender.
  ☆72Updated 4 years ago
• xct / SeRestoreAbuse
  SeRestorePrivilege to SYSTEM
  ☆132Updated 4 years ago
• Leo4j / Invoke-SessionHunter
  Retrieve and display information about active user sessions on remote computers. No admin privileges required.
  ☆203Updated last year
• Flangvik / ObfuscatedSharpCollection
  Attempt at Obfuscated version of SharpCollection
  ☆238Updated last month
• sensepost / susinternals
  psexecsvc - a python implementation of PSExec's native service implementation
  ☆231Updated 11 months ago
• san6051 / TeamsCh-Shell
  ☆37Updated 9 months ago
• arth0sz / Practice-AD-CS-Domain-Escalation
  Introductory guide on the configuration and subsequent exploitation of Active Directory Certificate Services with Certipy. Based on the w…
  ☆138Updated 2 years ago
• improsec / BackupOperatorToolkit
  The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin
  ☆178Updated 2 years ago
• amauricio / junkshell
  ☆75Updated 9 months ago
• JPG0mez / ADCSync
  Use ESC1 to perform a makeshift DCSync and dump hashes
  ☆210Updated 2 years ago
• monsieurPale / BreakFAST
  Proof of concept for Kerberos Armoring abuse.
  ☆56Updated last month
• xct / SeDebugAbuse
  Get SYSTEM via SeDebugPrivilege
  ☆24Updated 3 years ago
• fanbyprinciple / bin2shellcode
  .bin file to shellcode convertor
  ☆39Updated last year
• rweijnen / createdump
  Leverage WindowsApp createdump tool to obtain an lsass dump
  ☆153Updated last year
• RedTeamPentesting / adauth
  Active Directory Authentication Library
  ☆86Updated 2 months ago
• sud0Ru / NauthNRPC
  Enumerate Domain Users Without Authentication
  ☆281Updated 8 months ago
• Jnnshschl / CVE-2023-38146
  PoC for the ThemeBleed Windows 11 CVE-2023-38146 written in python using impacket. https://jnns.de/posts/cve-2023-38146-poc/
  ☆23Updated last year
• seriotonctf / AD-Tools
  List of some AD tools I frequently use
  ☆56Updated 2 months ago
• synacktiv / CVE-2024-43468
  ☆94Updated 11 months ago
• Sq00ky / RunAsPasswd
  A RunAs clone with the ability to specify the password as an argument.
  ☆112Updated 2 years ago
• ad0nis / ntlm_relay_gat
  ☆163Updated last year
• adityatelange / evil-winrm-py
  Execute commands interactively on remote Windows machines using the WinRM protocol
  ☆310Updated 2 weeks ago
• Friends-Security / SharpExclusionFinder
  Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …
  ☆229Updated last year