Alternatives and similar repositories for Invoke-Pre2kSpray

Users that are interested in Invoke-Pre2kSpray are comparing it to the libraries listed below

• mertdas / SharpLateral
  Lateral Movement
  ☆124Updated last year
• danti1988 / adcshunter
  Uses rpcdump to locate the ADCS server, and identify if ESC8 is vulnerable from unauthenticated perspective.
  ☆82Updated last year
• powerseb / PowerExtract
  ☆119Updated 6 months ago
• smokeme / ansible-havoc
  Scripts I use to deploy Havoc on Linode and setup categorization and SSL
  ☆42Updated last year
• foxlox / hypobrychium
  Duplicate not owned Token from Running Process
  ☆72Updated 2 years ago
• eversinc33 / CredGuess
  Generate password spraying lists based on the pwdLastSet-attribute of users.
  ☆55Updated last year
• HuskyHacks / SharpTokenFinder
  C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
  ☆139Updated last year
• BC-SECURITY / ScriptBlock-Smuggling
  Example code samples from our ScriptBlock Smuggling Blog post
  ☆91Updated last year
• lefayjey / SharpSQLPwn
  C# tool to identify and exploit weaknesses within MSSQL instances in Active Directory environments
  ☆112Updated 3 years ago
• nettitude / SharpConflux
  ☆65Updated last year
• synacktiv / AADOutsider-py
  Python3 rewrite of AsOutsider features of AADInternals
  ☆55Updated 3 months ago
• huntandhackett / PassiveAggression
  Source code and examples for PassiveAggression
  ☆63Updated last year
• Yeeb1 / SharpLansweeperDecrypt
  Automatically extract and decrypt all configured scanning credentials of a Lansweeper instance.
  ☆40Updated 10 months ago
• myexploit / living_off_the_land
  ☆44Updated last year
• eversinc33 / SharpStartWebclient
  Programmatically start WebClient from an unprivileged session to enable that juicy privesc.
  ☆74Updated 2 years ago
• rasta-mouse / SpawnWith
  ☆109Updated 8 months ago
• puzzlepeaches / NTLMRecon
  Enumerate information from NTLM authentication enabled web endpoints 🔎
  ☆34Updated 2 years ago
• OtterHacker / AWSRedirector
  ☆57Updated 8 months ago
• t3hbb / PanGP_Extractor
  Tool to extract username and password of current user from PanGPA in plaintext
  ☆88Updated 10 months ago
• logangoins / Stifle
  .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS
  ☆150Updated 8 months ago
• skelsec / adiskreader-secretsdump
  Extract registry and NTDS secrets from local or remote disk images
  ☆43Updated 7 months ago
• CICADA8-Research / LogHunter
  Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)
  ☆75Updated last year
• MzHmO / DebugAmsi
  DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.
  ☆98Updated 2 years ago
• mlcsec / SharpGraphView
  Microsoft Graph API post-exploitation toolkit
  ☆94Updated last year
• temp43487580 / EntraPassTheCert
  tool for requesting Entra ID's P2P certificate and authenticating to a remote Entra joinned devices with it
  ☆124Updated 2 months ago
• synacktiv / CVE-2024-43468
  ☆92Updated 9 months ago
• n0tspam / RunspaceLoader
  Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe
  ☆13Updated last year
• Thunter-HackTeam / EvilentCoerce
  ☆148Updated 5 months ago
• SpecterOps / cred1py
  A Python POC for CRED1 over SOCKS5
  ☆158Updated last year
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆96Updated 5 months ago