Alternatives and similar repositories for windows-privilege-escalation

Users that are interested in windows-privilege-escalation are comparing it to the libraries listed below

• WaterExecution / vulnerable-AD-plus
  Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
  ☆181Updated 2 years ago
• IAMinZoho / OFFSEC-PowerShell
  My Favorite Offensive Security Scripts
  ☆78Updated 7 months ago
• akamai / BadSuccessor
  ☆221Updated 6 months ago
• 0xStarlight / CRTE-Notes
  Study materials for the Certified Red Team Expert (CRTE) exam, covering essential concepts in red teaming and penetration testing.
  ☆155Updated 2 years ago
• arth0sz / Practice-AD-CS-Domain-Escalation
  Introductory guide on the configuration and subsequent exploitation of Active Directory Certificate Services with Certipy. Based on the w…
  ☆138Updated 2 years ago
• gh0x0st / Get-ReverseShell
  A solution to create obfuscated reverse shells for PowerShell.
  ☆82Updated 3 years ago
• ajm4n / adPEAS
  winPEAS, but for Active Directory
  ☆167Updated 8 months ago
• anonymous300502 / Nuke-AMSI
  NukeAMSI is a powerful tool designed to neutralize the Antimalware Scan Interface (AMSI) in Windows environments.
  ☆171Updated last month
• stevenyu113228 / BloodHound-MCP
  ☆154Updated 8 months ago
• seriotonctf / cme-nxc-cheat-sheet
  A cheatsheet for NetExec
  ☆158Updated 5 months ago
• Marmeus / mad-hyperv
  Ansible + Vagrant + Hyper-V + Vulnerable AD 😎
  ☆90Updated last year
• An0nUD4Y / CRTO-Notes
  Certified Red Team Operator (CRTO) Cheatsheet and Checklist
  ☆186Updated last year
• synacktiv / ntdissector
  ☆163Updated 5 months ago
• t3l3machus / ACEshark
  ACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminatin…
  ☆119Updated 10 months ago
• LuemmelSec / PwnDoc-Vulns
  ☆174Updated 7 months ago
• V-i-x-x / AMSI-WRITE-RAID-BYPASS
  "AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
  ☆313Updated 2 months ago
• boku7 / venom
  Venom C2 is a dependency‑free Python3 Command & Control framework for redteam persistence
  ☆386Updated last month
• k4sth4 / UAC-bypass
  Windows Privilege Escalation
  ☆100Updated last year
• wietze / Invoke-ArgFuscator
  Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-nat…
  ☆256Updated 7 months ago
• t0thkr1s / gpp-decrypt
  Tool to parse the Group Policy Preferences XML file which extracts the username and decrypts the cpassword attribute.
  ☆157Updated 4 months ago
• overgrowncarrot1 / Invoke-Everything
  ☆45Updated 2 years ago
• restkhz / ShellcodeEncrypt2DLL
  A script to generate AV evaded(static) DLL shellcode loader with AES encryption.
  ☆138Updated 8 months ago
• Orange-Cyberdefense / LinikatzV2
  linikatz is a tool to attack AD on UNIX
  ☆151Updated 2 years ago
• Ashifcoder / exposelab
  This is a fully automated Active directory Lab made with the purpose to reduce the hustle of creating it manually.
  ☆101Updated 3 months ago
• t3hbb / DefenderCheck
  Identifies the bytes that Microsoft Defender flags on.
  ☆95Updated 3 years ago
• Friends-Security / SharpExclusionFinder
  Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …
  ☆224Updated last year
• sheimo / awesome-lolbins-and-beyond
  A curated list of awesome LOLBins, GTFO projects, and similar 'Living Off the Land' security resources.
  ☆203Updated last year
• helviojunior / knowsmore
  KnowsMore is a swiss army knife tool for pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS and DCSync).
  ☆259Updated 2 months ago
• wavestone-cdt / powerpxe
  Powershell script to extract information from boot PXE
  ☆152Updated 6 years ago
• xct / winpspy
  CLI monitor for windows process- & file activity
  ☆94Updated 5 years ago