The fastest and more comprehensive multiprotocol credentials bruteforcer / password sprayer and enumerator. π₯·
β1,804Sep 18, 2025Updated 5 months ago
Alternatives and similar repositories for legba
Users that are interested in legba are comparing it to the libraries listed below
Sorting:
- Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.β1,259Dec 9, 2025Updated 2 months ago
- Active Directory data ingestor for BloodHound Legacy written in Rust. π¦β1,127Oct 21, 2024Updated last year
- The Network Execution Toolβ5,279Updated this week
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.β¦β892Feb 18, 2026Updated last week
- Dump NTDS with golden certificates and UnPAC the hashβ647Mar 20, 2024Updated last year
- βοΈπ€« Stealth redirector for your red team operation securityβ1,066Jul 6, 2025Updated 7 months ago
- β568Mar 28, 2024Updated last year
- A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.β372Sep 29, 2025Updated 5 months ago
- Dominate Active Directory with PowerShell.β1,164Nov 28, 2025Updated 2 months ago
- Legba recipes.β51Aug 21, 2024Updated last year
- A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.β2,182Jan 5, 2026Updated last month
- Real fucking shellcode encryptor & obfuscator toolβ1,012Jan 7, 2026Updated last month
- Dump cookies and credentials directly from Chrome/Edge process memoryβ1,408Jan 19, 2026Updated last month
- smbclient-ng, a fast and user friendly way to interact with SMB shares.β1,013Feb 1, 2026Updated 3 weeks ago
- The swiss army knife of LSASS dumpingβ2,072Sep 17, 2024Updated last year
- β341Nov 10, 2025Updated 3 months ago
- AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover seβ¦β1,472Jan 23, 2026Updated last month
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.β537Nov 14, 2025Updated 3 months ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Direβ¦β862Feb 3, 2024Updated 2 years ago
- DPAPI looting remotely and locally in Pythonβ541Oct 7, 2025Updated 4 months ago
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercerβ738May 19, 2023Updated 2 years ago
- TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accountsβ1,369Oct 22, 2025Updated 4 months ago
- Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUSTβ721Aug 18, 2023Updated 2 years ago
- Apply a divide and conquer approach to bypass EDRsβ287Oct 19, 2023Updated 2 years ago
- β307Mar 15, 2025Updated 11 months ago
- A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the β¦β1,821Nov 3, 2024Updated last year
- Tool to remotely dump secrets from the Windows registryβ522Nov 18, 2025Updated 3 months ago
- Extract credentials from lsass remotelyβ2,178Dec 24, 2025Updated 2 months ago
- RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.β1,562Aug 20, 2024Updated last year
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniβ¦β1,367Oct 27, 2023Updated 2 years ago
- BloodyAD is an Active Directory Privilege Escalation Frameworkβ2,092Jan 31, 2026Updated last month
- Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).β586Mar 19, 2024Updated last year
- A memory-based evasion technique which makes shellcode invisible from process start to end.β1,198Oct 16, 2023Updated 2 years ago
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.β614Jan 2, 2025Updated last year
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.β779Oct 16, 2025Updated 4 months ago
- A beacon object file implementation of PoolParty Process Injection Technique.β433Dec 21, 2023Updated 2 years ago
- An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.β4,301Feb 15, 2026Updated last week
- New generation of wmiexec.pyβ1,254Jan 5, 2026Updated last month
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run commandβ1,606Jul 10, 2023Updated 2 years ago