Alternatives and similar repositories for windows-privilege-escalation

Users that are interested in windows-privilege-escalation are comparing it to the libraries listed below

• WaterExecution / vulnerable-AD-plus
  Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
  ☆156Updated 2 years ago
• stevenyu113228 / BloodHound-MCP
  ☆154Updated 5 months ago
• arth0sz / Practice-AD-CS-Domain-Escalation
  Introductory guide on the configuration and subsequent exploitation of Active Directory Certificate Services with Certipy. Based on the w…
  ☆135Updated 2 years ago
• synacktiv / ntdissector
  ☆159Updated 2 months ago
• An0nUD4Y / CRTO-Notes
  Certified Red Team Operator (CRTO) Cheatsheet and Checklist
  ☆160Updated last year
• wietze / Invoke-ArgFuscator
  Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-nat…
  ☆240Updated 5 months ago
• anonymous300502 / Nuke-AMSI
  NukeAMSI is a powerful tool designed to neutralize the Antimalware Scan Interface (AMSI) in Windows environments.
  ☆165Updated 2 months ago
• akamai / BadSuccessor
  ☆195Updated 3 months ago
• 0xStarlight / CRTE-Notes
  Study materials for the Certified Red Team Expert (CRTE) exam, covering essential concepts in red teaming and penetration testing.
  ☆148Updated 2 years ago
• seriotonctf / cme-nxc-cheat-sheet
  A cheatsheet for NetExec
  ☆139Updated 3 months ago
• ajm4n / adPEAS
  winPEAS, but for Active Directory
  ☆160Updated 5 months ago
• Leo4j / Invoke-SessionHunter
  Retrieve and display information about active user sessions on remote computers. No admin privileges required.
  ☆192Updated last year
• t0thkr1s / gpp-decrypt
  Tool to parse the Group Policy Preferences XML file which extracts the username and decrypts the cpassword attribute.
  ☆140Updated last month
• fashionproof / EnableAllTokenPrivs
  ☆90Updated 5 years ago
• Pennyw0rth / NetExec-Lab
  Lab used for workshop and CTF
  ☆271Updated last month
• gh0x0st / Get-ReverseShell
  A solution to create obfuscated reverse shells for PowerShell.
  ☆80Updated 3 years ago
• AetherBlack / abuseACL
  A python script to automatically list vulnerable Windows ACEs/ACLs.
  ☆61Updated 2 months ago
• IAMinZoho / OFFSEC-PowerShell
  My Favorite Offensive Security Scripts
  ☆76Updated 4 months ago
• xct / winpspy
  CLI monitor for windows process- & file activity
  ☆90Updated 4 years ago
• Marmeus / mad-hyperv
  Ansible + Vagrant + Hyper-V + Vulnerable AD 😎
  ☆91Updated last year
• t3l3machus / ACEshark
  ACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminatin…
  ☆115Updated 8 months ago
• ajm4n / DLLHound
  Find potential DLL Sideloads on your windows computer
  ☆213Updated 8 months ago
• tijldeneut / dpapilab-ng
  DPAPILAB Next Gen, script collection
  ☆90Updated 3 years ago
• yoda66 / MAAS
  Malware As A Service
  ☆135Updated last year
• t3hbb / DefenderCheck
  Identifies the bytes that Microsoft Defender flags on.
  ☆89Updated 3 years ago
• sheimo / awesome-lolbins-and-beyond
  A curated list of awesome LOLBins, GTFO projects, and similar 'Living Off the Land' security resources.
  ☆191Updated 10 months ago
• 0xBallpoint / LOAD
  Lord Of Active Directory - automatic vulnerable active directory on AWS
  ☆147Updated last year
• TheManticoreProject / FindGPPPasswords
  A cross-platform tool to find and decrypt Group Policy Preferences passwords from the SYSVOL share using low-privileged domain accounts
  ☆164Updated 2 months ago
• mrtouch93 / OSED-Notes
  Some notes + exercises that I've done during my study for the Offensive Security Exploit Developer.
  ☆69Updated 2 years ago
• hmaverickadams / autoNTDS
  autoNTDS is an automation script designed to simplify the process of dumping and cracking NTDS hashes using secretsdump.py and hashcat
  ☆109Updated last year