django-88 / NomadScannerLinks
☆164Updated 6 months ago
Alternatives and similar repositories for NomadScanner
Users that are interested in NomadScanner are comparing it to the libraries listed below
Sorting:
- A tool to work with all types of Kerberos delegations (unconstrained, constrained, and resource-based constrained delegations) in Active …☆207Updated 4 months ago
- Group Policy Objects manipulation and exploitation framework☆264Updated 3 weeks ago
- Python alternative to Mimikatz lsadump::dcshadow☆155Updated 4 months ago
- Founding is a generator that will create a loader encrypted or obfuscated with different execution types☆95Updated 2 months ago
- PowerShell collector for adding MSSQL attack paths to BloodHound with OpenGraph☆263Updated 2 weeks ago
- Enumerate Domain Users Without Authentication☆269Updated 6 months ago
- Dig your way out of networks like a Meerkat using SSH tunnels via ClickOnce.☆247Updated 5 months ago
- Generate and Manage KeyCredentialLinks☆174Updated 3 weeks ago
- Our Tips&Tricks☆126Updated 8 months ago
- A powerful, modular, lightweight and efficient command & control framework written in Nim.☆206Updated last month
- APT Emulation tool to exfiltrate sensitive .docx, .pptx, .xlsx, .pdf files☆93Updated 6 months ago
- Automating the MITM attack on WSUS☆274Updated 3 weeks ago
- ☆148Updated 5 months ago
- Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays – all in a single command (14 output formats supporte…☆177Updated last month
- Enumerate active EDR's on the system☆139Updated last month
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆156Updated 3 months ago
- The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments.☆254Updated last week
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆177Updated 5 months ago
- ☆141Updated 3 weeks ago
- SOAPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆145Updated 3 months ago
- PoC that downloads an executable from a public SSL certificate☆130Updated 3 months ago
- Python implementation of GhostPack's Seatbelt situational awareness tool☆266Updated 11 months ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆148Updated last year
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆166Updated 6 months ago
- Persist like a Dodder☆65Updated 5 months ago
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆87Updated 7 months ago
- The different ways to dump lsass☆193Updated 2 months ago
- PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir…☆154Updated last year
- An interactive shell to spoof some LOLBins command line☆186Updated last year
- Lightweight binary that joins a device to a Tailscale network and exposes a local SOCKS5 proxy. Designed for red team operations and ephe…☆358Updated 3 weeks ago