Alternatives and similar repositories for PoSHBypass

Users that are interested in PoSHBypass are comparing it to the libraries listed below

• FuzzySecurity / DotNetToJScript-LanguageModeBreakout
  ☆26Updated 6 years ago
• slyd0g / SharpRoast-Parser
  Bash one-liner that will parse harmj0y's SharpRoast or Rebeus kerberoast into hashcat crack-able format.
  ☆32Updated 6 years ago
• ThunderGunExpress / ThunderMSI
  ☆28Updated 7 years ago
• G0ldenGunSec / wmiServSessEnum
  .net tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems
  ☆33Updated 5 years ago
• ALBY-Project / ALBY
  ☆21Updated 7 years ago
• BorjaMerino / reflectPatcher
  Python script to patch the reflective stub in a DLL
  ☆24Updated 8 years ago
• curtbraz / Invoke-NeutralizeAV
  Quick PoC I Wrote for Bypassing Next Gen AV Remotely for Pentesting
  ☆41Updated 6 years ago
• upils / redirect-lib
  Library of traffic redirectors
  ☆26Updated 5 years ago
• djhohnstein / CSharpCreateThreadExample
  C# code to run PIC using CreateThread
  ☆17Updated 6 years ago
• vletoux / DetectPasswordViaNTLMInFlow
  Extract the password of the current user from flow (keylogger, config file, ..) Use SSPI to get a valid NTLM challenge/response and test …
  ☆59Updated 6 years ago
• rvrsh3ll / FlaskRedirectorProtector
  Protect your servers with a secret header
  ☆29Updated 4 years ago
• bohops / IISAppPoolCreds
  Retrieve the IIS Application Pool Credentials. Relies on the WebAdministration PowerShell Module.
  ☆14Updated 7 years ago
• infosecn1nja / e2modrewrite
  Convert Empire profiles to Apache mod_rewrite scripts
  ☆28Updated 5 years ago
• NotoriousRebel / ConfigPersist
  Modifies machine.config for persistence after installing signed .net assembly onto GAC
  ☆13Updated 3 years ago
• rmdavy / AmsiPEBWalkVBAx64
  ☆15Updated 5 years ago
• rmdavy / AmsiPEBWalkVBA
  Walking the PEB in VBA
  ☆23Updated 5 years ago
• rvrsh3ll / SharpSSDP
  SSDP Service Discovery
  ☆17Updated 6 years ago
• tevora-threat / c2_reporter
  Ingests logs/dbs from cobalt and empire and outputs an excel report with activity, sessions, and credentials
  ☆20Updated 4 years ago
• freshness79 / unlock
  Microsoft Applocker evasion tool
  ☆39Updated 5 years ago
• curi0usJack / psfire
  simple demo of using C# & System.Management.Automation.dll to run powershell code (b64 encoded) without powershell.exe
  ☆14Updated 8 years ago
• maaaaz / mimicertz
  A minimal safe version of mimikatz to only allow the export of non-exportable Windows certificates
  ☆24Updated 6 years ago
• attactics / cslogwatch
  Cobalt Strike log state tracking, parsing, and storage
  ☆24Updated 5 years ago
• OmerYa / Babel-Shellfish
  Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.
  ☆43Updated 6 years ago
• kafkaesqu3 / subtee-gist-mirror
  few months old but better than nothing
  ☆58Updated 3 years ago
• vysecurity / Invoke-ProcessScan
  Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.
  ☆45Updated 7 years ago
• SecurityJosh / MuteSysmon
  A PowerShell script to prevent Sysmon from writing its events
  ☆15Updated 5 years ago
• ConsciousHacker / GreatSCT
  The project is called GreatSCT (Great Scott). GreatSCT is an open source project to generate application white list bypasses. This tool i…
  ☆30Updated 7 years ago
• ThunderGunExpress / Reflective_PSExec
  ☆45Updated 6 years ago
• vletoux / OxidBindings
  Extract all IP of a computer using DCOM without authentication (aka detect network used for administration)
  ☆26Updated 5 years ago
• skelsec / LocalNTLMTest
  Tool to acquire netNTLM hashes on a local machine wihtout network traffic
  ☆13Updated 7 years ago