KnowsMore is a swiss army knife tool for pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS and DCSync).
☆266Dec 15, 2025Updated 3 months ago
Alternatives and similar repositories for knowsmore
Users that are interested in knowsmore are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆91Aug 5, 2023Updated 2 years ago
- Colored Cat is a syntax highlighter file reader.☆15Jun 21, 2024Updated last year
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆901Mar 11, 2026Updated 2 weeks ago
- A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.☆372Updated this week
- ☆27Aug 18, 2023Updated 2 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Various one-off pentesting projects written in Nim. Updates happen on a whim.☆160Jul 14, 2025Updated 8 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆195Nov 27, 2024Updated last year
- ☆569Mar 28, 2024Updated last year
- Retrieve and display information about active user sessions on remote computers. No admin privileges required.☆209Aug 12, 2024Updated last year
- A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage Power…☆816Mar 28, 2025Updated 11 months ago
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC☆424Sep 29, 2025Updated 5 months ago
- ☆59Nov 13, 2024Updated last year
- Demonized Shell is an Advanced Tool for persistence in linux.☆443Jan 5, 2025Updated last year
- Some scripts to abuse kerberos using Powershell☆355Jul 27, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Azure DevOps Services Attack Toolkit☆149Mar 15, 2025Updated last year
- Offensive MSSQL toolkit written in Python, based off SQLRecon☆207Jan 12, 2025Updated last year
- WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals…☆73Dec 28, 2023Updated 2 years ago
- PrestaXSRF is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆31Dec 26, 2023Updated 2 years ago
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆398Jul 23, 2025Updated 8 months ago
- Active Directory data ingestor for BloodHound Legacy written in Rust. 🦀☆1,135Oct 21, 2024Updated last year
- Associated-Threat-Analyzer detects malicious IPv4 addresses and domain names associated with your web application using local malicious d…☆41Aug 31, 2023Updated 2 years ago
- Real fucking shellcode encryptor & obfuscator tool☆1,013Jan 7, 2026Updated 2 months ago
- Dump Kerberos tickets from the KCM database of SSSD☆56Dec 31, 2025Updated 2 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Generate password spraying lists based on the pwdLastSet-attribute of users.☆55Dec 6, 2023Updated 2 years ago
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆260Aug 13, 2024Updated last year
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- HookChain: A new perspective for Bypassing EDR Solutions☆595Jan 5, 2025Updated last year
- Use ESC1 to perform a makeshift DCSync and dump hashes☆210Nov 2, 2023Updated 2 years ago
- C# DInvoke Shellcode Runner☆31Feb 10, 2025Updated last year
- Ask a TGS on behalf of another user without password☆482Mar 30, 2025Updated 11 months ago
- A system administration or post-exploitation script to automatically extract the bitlocker recovery keys from a domain.☆391Jan 20, 2026Updated 2 months ago
- 「⚠️」Performing a BYOVD on the truesight.sys driver☆44Dec 7, 2024Updated last year
- NordVPN Threat Protection Pro™ • AdTake your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆362Dec 13, 2025Updated 3 months ago
- CVE-2024-38200 & CVE-2024-43609 - Microsoft Office NTLMv2 Disclosure Vulnerability☆146Jan 13, 2025Updated last year
- A command-line utility designed to recursively spider webpages for URLs. It works by actively traversing websites - following links embed…☆105Dec 8, 2025Updated 3 months ago
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆191Apr 26, 2025Updated 11 months ago
- ☆86May 15, 2025Updated 10 months ago
- LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and r…☆385Apr 26, 2025Updated 11 months ago
- Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound☆677Oct 23, 2025Updated 5 months ago