Alternatives and similar repositories for CRASH

Users that are interested in CRASH are comparing it to the libraries listed below

• JCSteiner / Emperor-Public

  View on GitHub
  Payload Generation Workflow
  ☆40Jul 18, 2025Updated 6 months ago
• t3l3machus / Synergy-httpx

  View on GitHub
  A Python http(s) server designed to assist in red teaming activities such as receiving intercepted data via POST requests and serving con…
  ☆137Jul 19, 2024Updated last year
• samisecure / LsassDumpReflectiveDll

  View on GitHub
  Dump Lsass Memory Using a Reflective Dll
  ☆14Feb 4, 2022Updated 4 years ago
• VirtualAlllocEx / Create_Thread_Inline_Assembly_x86

  View on GitHub
  This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly
  ☆20Apr 17, 2023Updated 2 years ago
• rbmm / SDD2

  View on GitHub
  Self delete DLL (2)
  ☆14Feb 15, 2024Updated last year
• whokilleddb / SOAPHound

  View on GitHub
  SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…
  ☆33May 30, 2024Updated last year
• daddycocoaman / azbelt

  View on GitHub
  AAD related enumeration in Nim
  ☆132Sep 7, 2023Updated 2 years ago
• 4ndr34z / ntlmthief

  View on GitHub
  ☆52Feb 8, 2024Updated 2 years ago
• dievus / msLDAPDump

  View on GitHub
  LDAP enumeration tool implemented in Python3
  ☆224May 20, 2025Updated 8 months ago
• sfewer-r7 / CVE-2023-34362

  View on GitHub
  CVE-2023-34362: MOVEit Transfer Unauthenticated RCE
  ☆64Mar 24, 2024Updated last year
• Helixo32 / SimpleEDR

  View on GitHub
  Simple EDR that injects a DLL into a process to place a hook on specific Windows API
  ☆96Aug 27, 2023Updated 2 years ago
• lefayjey / linWinPwn

  View on GitHub
  linWinPwn is a bash script that streamlines the use of a number of Active Directory tools
  ☆2,149Updated this week
• Octoberfest7 / XLL_Phishing

  View on GitHub
  XLL Phishing Tradecraft
  ☆438May 24, 2022Updated 3 years ago
• vysecurity / OffensiveLAM

  View on GitHub
  A Large Action Model designed to operate on MacOS or Windows which interacts with common C2 interfaces such as Cobalt Strike, Havoc, or B…
  ☆26Feb 29, 2024Updated last year
• Yair-Men / Passenger

  View on GitHub
  ProcExp Driver (Ab)use
  ☆22Dec 28, 2022Updated 3 years ago
• sensepost / impersonate

  View on GitHub
  A windows token impersonation tool
  ☆320Apr 19, 2023Updated 2 years ago
• dahvidschloss / PILOT

  View on GitHub
  Ping-based Information Lookup and Outbound Transfer
  ☆80Apr 16, 2024Updated last year
• Helixo32 / CrimsonEDR

  View on GitHub
  Simulate the behavior of AV/EDR for malware development training.
  ☆562Feb 15, 2024Updated last year
• n3t1nv4d3 / ADRedTeamEnumScript

  View on GitHub
  Traditional AD RedTeam Full Enumeration Script used to query all aspects of your target Forest.
  ☆43Jun 14, 2024Updated last year
• 61106960 / adPEAS

  View on GitHub
  Powershell tool to automate Active Directory enumeration.
  ☆1,279Sep 9, 2025Updated 5 months ago
• S3cur3Th1sSh1t / EmpEISDecrypt

  View on GitHub
  Decrypt Matrix42 Empirum /EIS Passwords
  ☆14Mar 31, 2021Updated 4 years ago
• rkbennett / icmpsh

  View on GitHub
  Simple reverse ICMP shell
  ☆14Apr 30, 2024Updated last year
• rodolfomarianocy / Unauthenticated-RCE-FUXA-CVE-2023-33831

  View on GitHub
  Description and exploit of CVE-2023-33831 affecting FUXA web-based Process Visualization (SCADA/HMI/Dashboard) software.
  ☆10Oct 27, 2024Updated last year
• Leo4j / Invoke-ADEnum

  View on GitHub
  Active Directory Auditing and Enumeration
  ☆515Dec 3, 2025Updated 2 months ago
• dazzyddos / HSC24RedTeamInfra

  View on GitHub
  Slides and Codes used for the workshop Red Team Infrastructure Automation
  ☆196Apr 14, 2024Updated last year
• tothi / serviceDetector

  View on GitHub
  Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin pr…
  ☆239Sep 3, 2023Updated 2 years ago
• AssuranceMaladieSec / FoxTerrier

  View on GitHub
  Python tool to find vulnerable AD object and generating csv report
  ☆26Jul 4, 2022Updated 3 years ago
• Helixo32 / DetectHooks

  View on GitHub
  Detect userland hooks placed by AV/EDR
  ☆28Sep 4, 2023Updated 2 years ago
• joey-melo / netcredz

  View on GitHub
  With zero dependencies, NetCredz extracts credentials from pcap files or live traffic, supporting NTLM, LDAP, HTTP, SMTP, SNMP, Telnet, F…
  ☆76Dec 2, 2024Updated last year
• Dump-GUY / Get-PDInvokeImports

  View on GitHub
  Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…
  ☆54Apr 10, 2022Updated 3 years ago
• RixedLabs / IDLE-Abuse

  View on GitHub
  A method to execute shellcode using RegisterWaitForInputIdle API.
  ☆55Apr 4, 2023Updated 2 years ago
• RedTeamOperations / RedCloud-OS

  View on GitHub
  RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers…
  ☆674Jun 4, 2024Updated last year
• zh54321 / PoCEntraDeviceComplianceBypass

  View on GitHub
  Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy
  ☆167Nov 17, 2025Updated 2 months ago
• termanix / TokenElevation

  View on GitHub
  Token Elevation to authorized user as SYSTEM or Domain Admins
  ☆25Nov 22, 2025Updated 2 months ago
• RePRGM / Erebus

  View on GitHub
  Erebus is a payload generator written in Nim.
  ☆16Jun 13, 2023Updated 2 years ago
• secure-77 / Certipy-Docker

  View on GitHub
  Certipy in Docker
  ☆13Mar 28, 2024Updated last year
• n0tspam / RunspaceLoader

  View on GitHub
  Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe
  ☆13Dec 11, 2023Updated 2 years ago
• keyboardcrunch / sentinelone_usbscan

  View on GitHub
  A custom SentinelOne USB scanner.
  ☆18Mar 26, 2022Updated 3 years ago
• mobdk / winNoise

  View on GitHub
  Execute embedded Mimikatz
  ☆13Nov 24, 2021Updated 4 years ago