Alternatives and similar repositories for PoSHBypass

Users that are interested in PoSHBypass are comparing it to the libraries listed below

• FuzzySecurity / DotNetToJScript-LanguageModeBreakout
  ☆26Updated 6 years ago
• slyd0g / SharpRoast-Parser
  Bash one-liner that will parse harmj0y's SharpRoast or Rebeus kerberoast into hashcat crack-able format.
  ☆32Updated 6 years ago
• G0ldenGunSec / wmiServSessEnum
  .net tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems
  ☆33Updated 5 years ago
• ThunderGunExpress / ThunderMSI
  ☆28Updated 7 years ago
• ALBY-Project / ALBY
  ☆21Updated 7 years ago
• djhohnstein / CSharpCreateThreadExample
  C# code to run PIC using CreateThread
  ☆17Updated 6 years ago
• NotoriousRebel / ConfigPersist
  Modifies machine.config for persistence after installing signed .net assembly onto GAC
  ☆13Updated 3 years ago
• rvrsh3ll / FlaskRedirectorProtector
  Protect your servers with a secret header
  ☆29Updated 5 years ago
• tevora-threat / c2_reporter
  Ingests logs/dbs from cobalt and empire and outputs an excel report with activity, sessions, and credentials
  ☆20Updated 4 years ago
• ThunderGunExpress / Reflective_PSExec
  ☆45Updated 6 years ago
• vletoux / DetectPasswordViaNTLMInFlow
  Extract the password of the current user from flow (keylogger, config file, ..) Use SSPI to get a valid NTLM challenge/response and test …
  ☆59Updated 6 years ago
• vysecurity / Invoke-ProcessScan
  Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.
  ☆45Updated 8 years ago
• LaresLLC / AzureTokenExtractor
  Extracts Azure authentication tokens from PowerShell process minidumps.
  ☆23Updated 2 years ago
• vysecurity / ShellcodeConversion
  A collection of shell code conversion scripts that I have written over time for repetitive tasks
  ☆19Updated 5 years ago
• ChrisAD / ads-payload
  Powershell script which will take any payload and put it in the a bat script which delivers the payload. The payload is delivered using e…
  ☆53Updated last year
• curtbraz / Invoke-NeutralizeAV
  Quick PoC I Wrote for Bypassing Next Gen AV Remotely for Pentesting
  ☆41Updated 6 years ago
• maaaaz / mimicertz
  A minimal safe version of mimikatz to only allow the export of non-exportable Windows certificates
  ☆24Updated 6 years ago
• outflanknl / Invoke-Templator
  A PowerShell script to parse the docx/docm file format and update the template location.
  ☆17Updated 5 years ago
• infosecn1nja / e2modrewrite
  Convert Empire profiles to Apache mod_rewrite scripts
  ☆28Updated 5 years ago
• attactics / cslogwatch
  Cobalt Strike log state tracking, parsing, and storage
  ☆24Updated 5 years ago
• 0xbadjuju / PowerProvider
  ☆41Updated 6 years ago
• freshness79 / unlock
  Microsoft Applocker evasion tool
  ☆39Updated 5 years ago
• dsnezhkov / RunDllMShim
  Run Managed Assemblies with RunDll
  ☆17Updated 6 years ago
• BorjaMerino / reflectPatcher
  Python script to patch the reflective stub in a DLL
  ☆24Updated 8 years ago
• rmdavy / AmsiPEBWalkVBA
  Walking the PEB in VBA
  ☆23Updated 5 years ago
• djhohnstein / SharpEdge
  C# Implementation of Get-VaultCredential
  ☆14Updated 6 years ago
• trustedsec / inProc_Evade_Get-InjectedThread
  PoC code from blog
  ☆16Updated 5 years ago
• rvrsh3ll / Sharp-Suite
  My musings with C#
  ☆28Updated 2 years ago
• skelsec / LocalNTLMTest
  Tool to acquire netNTLM hashes on a local machine wihtout network traffic
  ☆13Updated 7 years ago
• alfarom256 / ExternalC2Go
  ☆16Updated 5 years ago