Alternatives and similar repositories for BadSuccessor

Users that are interested in BadSuccessor are comparing it to the libraries listed below

• OtterHacker / AWSRedirector
  ☆57Updated 5 months ago
• 0xRedpoll / WhatsAppKeyBOF
  A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.
  ☆78Updated 5 months ago
• OleFredrik1 / remoteKrbRelayx
  A tool for coercing and relaying Kerberos authentication over DCOM and RPC.
  ☆124Updated 3 weeks ago
• Thunter-HackTeam / EvilentCoerce
  ☆144Updated 3 months ago
• ghost-ng / slinger
  An impacket-lite cli tool that combines many useful impacket functions using a single session.
  ☆51Updated 3 weeks ago
• dmcxblue / AzureFunctionRedirector
  ☆47Updated 4 months ago
• sagiol / Terms-of-What
  Terms of Use Conditional Access M365 Evilginx Phishlet
  ☆37Updated last month
• 0xb11a1 / sliver_extension_uac_bypass_cmstp
  Sliver extension to bypass UAC via cmstp written in rust
  ☆29Updated last year
• Yeeb1 / SharpLansweeperDecrypt
  Automatically extract and decrypt all configured scanning credentials of a Lansweeper instance.
  ☆38Updated 8 months ago
• dmcxblue / PyObscura
  A python script that automates a C2 Profile build
  ☆43Updated 4 months ago
• JumpsecLabs / WALK_WebAssembly_Lure_Krafter
  A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims …
  ☆89Updated 11 months ago
• m8sec / Dispatch
  Evasive Payload Delivery Server & C2 Redirector
  ☆59Updated last week
• Tarakhs / ToyingWithHellsGate
  Brief writeup of post exploitation methodologies.
  ☆18Updated last year
• rasta-mouse / SpawnWith
  ☆108Updated 5 months ago
• temp43487580 / EntraPassTheCert
  tool for requesting Entra ID's P2P certificate and authenticating to a remote Entra joinned devices with it
  ☆122Updated last month
• andreisss / Living-off-the-COM-Type-Coercion-Abuse
  This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…
  ☆49Updated 2 months ago
• mallo-m / AxiomDumper
  Lsass dumper evading (some) EDR detection
  ☆25Updated 5 months ago
• netero1010 / SCCMVNC
  A tool to modify SCCM remote control settings on the client machine, enabling remote control without permission prompts or notifications.…
  ☆94Updated 9 months ago
• p4p1 / havoc-privkit
  a port of privkit bof for havoc
  ☆23Updated last year
• Sh3lldon / HellsVectoredGate
  ☆45Updated last month
• mlcsec / EDRenum-BOF
  Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
  ☆122Updated 10 months ago
• BC-SECURITY / IronSharpPack
  IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…
  ☆116Updated last year
• AlmondOffSec / DCOMRunAs
  Lateral movement with DCOM DLL hijacking
  ☆136Updated last month
• smokeme / ansible-havoc
  Scripts I use to deploy Havoc on Linode and setup categorization and SSL
  ☆41Updated last year
• BC-SECURITY / ScriptBlock-Smuggling
  Example code samples from our ScriptBlock Smuggling Blog post
  ☆91Updated last year
• The-Viper-One / Invoke-PassTheCert
  Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel
  ☆47Updated 4 months ago
• S3cur3Th1sSh1t / My-starred-Repositories
  This is my starred repositories including the description for each tool. Makes search/filter over them easier.
  ☆52Updated 5 months ago
• logangoins / Stifle
  .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS
  ☆149Updated 6 months ago
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆95Updated 3 months ago
• MayerDaniel / profiler-lateral-movement
  Lateral Movement via the .NET Profiler
  ☆82Updated 8 months ago