Alternatives and similar repositories for Practice-AD-CS-Domain-Escalation:

Users that are interested in Practice-AD-CS-Domain-Escalation are comparing it to the libraries listed below

• seriotonctf / cme-nxc-cheat-sheet
  A cheatsheet for NetExec
  ☆114Updated 2 months ago
• 0xBallpoint / LOAD
  Lord Of Active Directory - automatic vulnerable active directory on AWS
  ☆141Updated last year
• p0dalirius / FindGPPPasswords
  FindGPPPasswords, A cross-platform tool to find and decrypt Group Policy Preferences passwords from the SYSVOL share using low-privileged…
  ☆137Updated this week
• login-securite / conpass
  Continuous password spraying tool
  ☆178Updated last month
• Orange-Cyberdefense / LinikatzV2
  linikatz is a tool to attack AD on UNIX
  ☆145Updated last year
• synacktiv / GPOddity
  The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).
  ☆296Updated 4 months ago
• stevenyu113228 / BloodHound-MCP
  ☆79Updated this week
• Leo4j / Invoke-SessionHunter
  Retrieve and display information about active user sessions on remote computers. No admin privileges required.
  ☆181Updated 7 months ago
• logangoins / Cable
  .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation
  ☆279Updated this week
• Yaxxine7 / ASRepCatcher
  Make everyone in your VLAN ASRep roastable
  ☆187Updated last month
• anonymous300502 / Nuke-AMSI
  NukeAMSI is a powerful tool designed to neutralize the Antimalware Scan Interface (AMSI) in Windows environments.
  ☆149Updated 2 months ago
• decoder-it / KrbRelay-SMBServer
  ☆213Updated 5 months ago
• 0xStarlight / CRTE-Notes
  Study materials for the Certified Red Team Expert (CRTE) exam, covering essential concepts in red teaming and penetration testing.
  ☆126Updated last year
• coffeegist / bofhound
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆203Updated 3 months ago
• LuemmelSec / PwnDoc-Vulns
  ☆141Updated 4 months ago
• restkhz / ShellcodeEncrypt2DLL
  A script to generate AV evaded(static) DLL shellcode loader with AES encryption.
  ☆102Updated last week
• improsec / BackupOperatorToolkit
  The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin
  ☆170Updated 2 years ago
• xforcered / SoaPy
  SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.
  ☆174Updated last month
• Leo4j / Invoke-SMBRemoting
  Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement
  ☆160Updated 4 months ago
• 0xJs / CARTP-cheatsheet
  Azure AD cheatsheet for the CARTP course
  ☆110Updated 2 years ago
• sensepost / susinternals
  psexecsvc - a python implementation of PSExec's native service implementation
  ☆188Updated last month
• powerseb / PowerExtract
  ☆117Updated last week
• dadevel / mssql-spider
  Automated exploitation of MSSQL servers at scale
  ☆108Updated this week
• asmtlab / snafflepy
  Snaffler reimplementation in Python - https://github.com/SnaffCon/Snaffler
  ☆98Updated 5 months ago
• g0h4n / RustHound-CE
  Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀
  ☆181Updated last month
• CyberSecurityUP / Awesome-EDR-Evasion
  ☆81Updated last month
• t3hbb / DefenderCheck
  Identifies the bytes that Microsoft Defender flags on.
  ☆84Updated 2 years ago
• Flangvik / ObfuscatedSharpCollection
  Attempt at Obfuscated version of SharpCollection
  ☆206Updated this week
• yehia-mamdouh / Shell3er
  PowerShell Reverse Shell
  ☆61Updated last year
• synacktiv / SCCMSecrets
  SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.
  ☆205Updated 3 months ago