A crossplatform mDNS enumeration tool.
☆363Sep 25, 2022Updated 3 years ago
Alternatives and similar repositories for spycast
Users that are interested in spycast are comparing it to the libraries listed below
Sorting:
- Roast in the Middle☆294Sep 19, 2025Updated 5 months ago
- it is very good☆515Dec 20, 2022Updated 3 years ago
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆536Aug 1, 2022Updated 3 years ago
- AAD related enumeration in Nim☆132Sep 7, 2023Updated 2 years ago
- macOS Initial Access Payload Generator☆323Jan 10, 2024Updated 2 years ago
- ☆78Oct 18, 2022Updated 3 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- PXEThief is a set of tooling that can extract passwords from the Operating System Deployment functionality in Microsoft Endpoint Configur…☆413May 29, 2024Updated last year
- Get Fine Grained Password Policy☆77Apr 15, 2025Updated 10 months ago
- Sandman is a NTP based backdoor for hardened networks.☆815Mar 31, 2024Updated last year
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆483Oct 14, 2022Updated 3 years ago
- DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.☆322Sep 23, 2022Updated 3 years ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆187Jun 22, 2022Updated 3 years ago
- Teamsniper is a tool for fetching keywords in a Microsoft Teams such as (passwords, emails, database, etc.).☆199Sep 19, 2022Updated 3 years ago
- Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.☆500Jan 23, 2023Updated 3 years ago
- Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory☆398Aug 15, 2025Updated 6 months ago
- Microsoft Signed PowerShell scripts☆219Mar 14, 2023Updated 2 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆1,470Aug 18, 2023Updated 2 years ago
- A tool that removes traces of executed applications on Windows OS.☆122Sep 4, 2022Updated 3 years ago
- Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs☆1,230Aug 18, 2023Updated 2 years ago
- Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound☆671Oct 23, 2025Updated 4 months ago
- A standalone DLL that exports databases in cleartext once injected in the KeePass process.☆301Mar 1, 2023Updated 3 years ago
- Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.☆125Apr 9, 2022Updated 3 years ago
- Running .NET from VBA☆148Feb 11, 2023Updated 3 years ago
- ☆243Nov 21, 2024Updated last year
- D3Ext's Forward Shell☆120Oct 15, 2023Updated 2 years ago
- Dump NTDS with golden certificates and UnPAC the hash☆647Mar 20, 2024Updated last year
- DLL sideloading/proxying with Nim!☆173Dec 4, 2022Updated 3 years ago
- TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts☆1,369Oct 22, 2025Updated 4 months ago
- Firefox webInjector capable of injecting codes into webpages using a mitmproxy.☆42Oct 30, 2022Updated 3 years ago
- ☆477Nov 20, 2022Updated 3 years ago
- Windows Oracle Database Attack Toolkit☆80Jul 30, 2022Updated 3 years ago
- Outlook persistence using VSTO add-ins☆87Jan 9, 2021Updated 5 years ago
- PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.☆622Sep 26, 2023Updated 2 years ago
- MD5-Monomorphic Shellcode Packer - all payloads have the same MD5 hash☆795Sep 30, 2022Updated 3 years ago
- Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (c…☆1,051Nov 9, 2024Updated last year
- Python module for running BOFs☆79Nov 28, 2025Updated 3 months ago
- Aggressorscript that turns the headless aggressor client into a (mostly) functional cobalt strike client.☆147Sep 8, 2022Updated 3 years ago
- Active Directory data ingestor for BloodHound Legacy written in Rust. 🦀☆1,128Oct 21, 2024Updated last year