Alternatives and similar repositories for shadow:

Users that are interested in shadow are comparing it to the libraries listed below

• ThunderGunExpress / ThunderMSI
  ☆28Updated 7 years ago
• tevora-threat / c2_reporter
  Ingests logs/dbs from cobalt and empire and outputs an excel report with activity, sessions, and credentials
  ☆20Updated 4 years ago
• shantanu561993 / heroku-reverse-proxy
  Spin up a reverse proxy quickly on Heroku
  ☆13Updated 4 years ago
• infosecn1nja / e2modrewrite
  Convert Empire profiles to Apache mod_rewrite scripts
  ☆27Updated 5 years ago
• EncodeGroup / AggressorScripts
  Simple Aggressor Scripts for Cobalt Strike
  ☆12Updated 4 years ago
• vysecurity / WindfarmDynamite-CNA
  CobaltStrike Aggressor Script to utilise FuzzySec's Windows Notification Framework Research to Spawn a Shell under Explorer.exe
  ☆16Updated 5 years ago
• breakid / RedReaper
  This tool is designed to simplify and automate the extraction and organization of useful data from Cobalt Strike logs.
  ☆18Updated 5 years ago
• G0ldenGunSec / wmiServSessEnum
  .net tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems
  ☆33Updated 5 years ago
• rvrsh3ll / SharpSSDP
  SSDP Service Discovery
  ☆16Updated 6 years ago
• NotMedic / SocksLauncher
  ☆14Updated 5 years ago
• homjxi0e / Privilege-escalation-Mafia
  Windows privilege escalation Mafia is a framework provides all resources needed for privilege escalation beginners
  ☆12Updated 3 years ago
• slyd0g / SharpRoast-Parser
  Bash one-liner that will parse harmj0y's SharpRoast or Rebeus kerberoast into hashcat crack-able format.
  ☆32Updated 6 years ago
• two06 / EvtMute
  Apply a filter to the events being reported by windows event logging
  ☆15Updated 4 years ago
• NotoriousRebel / ConfigPersist
  Modifies machine.config for persistence after installing signed .net assembly onto GAC
  ☆12Updated 3 years ago
• xenoscr / SharpMailBOF
  A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.
  ☆14Updated 3 years ago
• alfarom256 / ExternalC2Go
  ☆16Updated 5 years ago
• djhohnstein / CSharpCreateThreadExample
  C# code to run PIC using CreateThread
  ☆17Updated 5 years ago
• 001SPARTaN / SaltedCaramel
  Apfell implant written in C#.
  ☆8Updated 4 years ago
• djhohnstein / SharpEdge
  C# Implementation of Get-VaultCredential
  ☆13Updated 6 years ago
• leonjza / tc2
  treafik fronted c2 examples
  ☆26Updated 4 years ago
• rmdavy / AmsiPEBWalkVBAx64
  ☆14Updated 4 years ago
• stufus / shellcode-implant-stub
  Source code in Win32 ASM and C for a shellcode execution wrapper designed to mitigate the risk of shellcode execution on a host other tha…
  ☆19Updated 8 years ago
• bufferbandit / leak.docx
  Leak windows system info through a docx file
  ☆12Updated 5 years ago
• LaresLLC / AzureTokenExtractor
  Extracts Azure authentication tokens from PowerShell process minidumps.
  ☆23Updated last year
• gquere / PulseSecure_session_hijacking
  Attacking and defending web and VPN session hijacking in Pulse Secure Connect
  ☆14Updated 5 years ago
• trustedsec / inProc_Evade_Get-InjectedThread
  PoC code from blog
  ☆16Updated 5 years ago
• Stealthbits / RIDHijackingProofofConceptKJ
  RID Hijacking Proof of Concept script by Kevin Joyce
  ☆15Updated 6 years ago
• rvrsh3ll / UACSilentCleanup
  ☆14Updated 5 years ago
• bitsadmin / cobaltstrike
  Everything related to Cobalt Strike
  ☆15Updated 5 years ago
• bohops / IISAppPoolCreds
  Retrieve the IIS Application Pool Credentials. Relies on the WebAdministration PowerShell Module.
  ☆14Updated 7 years ago