KnowsMore is a Swiss Army knife tool for pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS and DCSync).
☆268 · Dec 15, 2025 · Updated 6 months ago
Alternatives and similar repositories for knowsmore
Users that are interested in knowsmore are comparing it to the libraries listed below.
- ☆91 · Aug 5, 2023 · Updated 2 years ago
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.… ☆920 · Jun 4, 2026 · Updated last week
- A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts. ☆377 · Mar 24, 2026 · Updated 2 months ago
- ☆27 · Aug 18, 2023 · Updated 2 years ago
- Various one-off pentesting projects written in Nim. Updates happen on a whim. ☆159 · May 25, 2026 · Updated 3 weeks ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution ☆195 · Nov 27, 2024 · Updated last year
- ☆570 · Mar 28, 2024 · Updated 2 years ago
- Retrieve and display information about active user sessions on remote computers. No admin privileges required. ☆206 · Aug 12, 2024 · Updated last year
- A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage Power… ☆819 · Mar 28, 2025 · Updated last year
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC ☆437 · Sep 29, 2025 · Updated 8 months ago
- ☆59 · Nov 13, 2024 · Updated last year
- Demonized Shell is an Advanced Tool for persistence in Linux. ☆450 · Jan 5, 2025 · Updated last year
- Some scripts to abuse Kerberos using PowerShell ☆359 · Apr 10, 2026 · Updated 2 months ago
- Azure DevOps Services Attack Toolkit ☆155 · Apr 29, 2026 · Updated last month
- Offensive MSSQL toolkit written in Python, based off SQLRecon ☆211 · May 8, 2026 · Updated last month
- WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals… ☆74 · Dec 28, 2023 · Updated 2 years ago
- PrestaXSRF is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical… ☆32 · Dec 26, 2023 · Updated 2 years ago
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation ☆400 · Jul 23, 2025 · Updated 10 months ago
- Active Directory data ingestor for BloodHound Legacy written in Rust. 🦀 ☆1,154 · Oct 21, 2024 · Updated last year
- Associated-Threat-Analyzer detects malicious IPv4 addresses and domain names associated with your web application using local malicious d… ☆41 · Aug 31, 2023 · Updated 2 years ago
- Shellcode encryptor & obfuscator tool ☆1,025 · May 23, 2026 · Updated 3 weeks ago
- Dump Kerberos tickets from the KCM database of SSSD ☆58 · Dec 31, 2025 · Updated 5 months ago
- Generate password spraying lists based on the pwdLastSet-attribute of users. ☆55 · Dec 6, 2023 · Updated 2 years ago
- Leak of any user's NetNTLM hash. Fixed in KB5040434 ☆262 · Aug 13, 2024 · Updated last year
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion) ☆196 · Feb 6, 2025 · Updated last year
- HookChain: A new perspective for Bypassing EDR Solutions ☆605 · Jan 5, 2025 · Updated last year
- Use ESC1 to perform a makeshift DCSync and dump hashes ☆211 · Nov 2, 2023 · Updated 2 years ago
- C# DInvoke Shellcode Runner ☆31 · Feb 10, 2025 · Updated last year
- Ask a TGS on behalf of another user without password ☆481 · Mar 30, 2025 · Updated last year
- A system administration or post-exploitation script to automatically extract the bitlocker recovery keys from a domain. ☆397 · Jan 20, 2026 · Updated 4 months ago
- 「⚠️」Performing a BYOVD on the truesight.sys driver ☆46 · Dec 7, 2024 · Updated last year
- CVE-2024-38200 & CVE-2024-43609 - Microsoft Office NTLMv2 Disclosure Vulnerability ☆146 · Jan 13, 2025 · Updated last year
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more). ☆366 · Dec 13, 2025 · Updated 6 months ago
- A command-line utility designed to recursively spider webpages for URLs. It works by actively traversing websites - following links embed… ☆108 · Dec 8, 2025 · Updated 6 months ago
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and … ☆191 · Apr 26, 2025 · Updated last year
- ☆88 · May 15, 2025 · Updated last year
- LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and r… ☆387 · Apr 26, 2025 · Updated last year
- Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound ☆696 · Oct 23, 2025 · Updated 7 months ago
- exfiltration/infiltration toolkit ☆23 · Dec 20, 2023 · Updated 2 years ago