its-a-feature/Orchard

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/its-a-feature/Orchard)

its-a-feature / Orchard

JavaScript for Automation (JXA) tool to do Active Directory enumeration.

☆107

Alternatives and similar repositories for Orchard

Users that are interested in Orchard are comparing it to the libraries listed below

Sorting:

its-a-feature / HealthInspector
View on GitHub
JXA situational awareness helper by simply reading specific files on a filesystem
☆82Feb 17, 2026Updated 2 weeks ago
its-a-feature / bifrost
View on GitHub
Objective-C library and console to interact with Heimdal APIs for macOS Kerberos
☆154Jul 12, 2023Updated 2 years ago
its-a-feature / KeytabParser
View on GitHub
Python script to parse Keytab files for macOS or *nix (typically /etc/krb5.keytab)
☆41Jun 19, 2019Updated 6 years ago
cedowens / SwiftBelt-JXA
View on GitHub
JXA implementation of some SwiftBelt functions. Author: Cedric Owens
☆46Jun 22, 2023Updated 2 years ago
ByteJunkies-co-uk / Metsubushi
View on GitHub
Generate droppers with encrypted payloads automatically.
☆54Nov 16, 2021Updated 4 years ago
its-a-feature / offensive_macos
View on GitHub
Tracking of offensive macOS tooling, blogs, and related helpful information
☆192Nov 18, 2024Updated last year
D00MFist / PersistentJXA
View on GitHub
Collection of macOS persistence methods and miscellaneous tools in JXA
☆288Aug 3, 2023Updated 2 years ago
cedowens / Dylib_Runner
View on GitHub
Swift code to run a dylib on disk
☆16May 9, 2022Updated 3 years ago
slyd0g / WhiteChocolateMacademiaNut
View on GitHub
Interact with Chromium-based browsers' debug port to view open tabs, installed extensions, and cookies
☆187Mar 19, 2023Updated 2 years ago
xorrior / apfell-chrome-extension-c2server
View on GitHub
Apfell C2 Server for the Google Chrome Extension Payload
☆12Aug 12, 2020Updated 5 years ago
cedowens / JXA-Runner
View on GitHub
Swift code to programmatically execute local or hosted JXA payloads from Terminal without using the on-disk osascript binary.
☆23Apr 22, 2021Updated 4 years ago
its-a-feature / LockSmith
View on GitHub
ObjectiveC CLI tool for interacting with macOS Keychain
☆82Oct 10, 2022Updated 3 years ago
cube0x0 / LdapSignCheck
View on GitHub
Beacon Object File & C# project to check LDAP signing
☆199Aug 7, 2024Updated last year
connormcgarr / cThreadHijack
View on GitHub
Beacon Object File (BOF) for remote process injection via thread hijacking
☆220Jan 13, 2021Updated 5 years ago
its-a-feature / loginItemManipulator
View on GitHub
☆15May 26, 2021Updated 4 years ago
Henkru / cs-token-vault
View on GitHub
In-memory token vault BOF for Cobalt Strike
☆149Aug 18, 2022Updated 3 years ago
EncodeGroup / BOF-RegSave
View on GitHub
Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File
☆216Oct 8, 2020Updated 5 years ago
ajpc500 / RelayRumbler
View on GitHub
A proof-of-concept tool that attempts to retrieve the configuration from the memory dump of an F-Secure C3 Relay executable.
☆17Jul 2, 2021Updated 4 years ago
werdhaihai / AtlasReaper
View on GitHub
A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.
☆271Sep 14, 2023Updated 2 years ago
kyleavery / inject-assembly
View on GitHub
Inject .NET assemblies into an existing process
☆507Jan 19, 2022Updated 4 years ago
FSecureLABS / CalendarPersist
View on GitHub
JXA script to allow programmatic persistence via macOS Calendar.app alerts.
☆44Oct 31, 2020Updated 5 years ago
EspressoCake / Toggle_Token_Privileges_BOF
View on GitHub
Syscall BOF to arbitrarily add/detract process token privilege rights.
☆61Jul 10, 2024Updated last year
breakpointHQ / TCC-ClickJacking
View on GitHub
A proof of concept for a clickjacking attack on macOS.
☆97Feb 12, 2024Updated 2 years ago
cube0x0 / BofRoast
View on GitHub
Beacon Object Files for roasting Active Directory
☆235Feb 21, 2022Updated 4 years ago
improsec / CaddyStager
View on GitHub
☆40May 21, 2022Updated 3 years ago
D00MFist / Mystikal
View on GitHub
macOS Initial Access Payload Generator
☆324Jan 10, 2024Updated 2 years ago
matterpreter / SHAPESHIFTER
View on GitHub
Companion PoC for the "Adventures in Dynamic Evasion" blog post
☆129May 25, 2021Updated 4 years ago
XMCyber / MacHound
View on GitHub
☆99Feb 16, 2021Updated 5 years ago
outflanknl / FindObjects-BOF
View on GitHub
A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…
☆275May 3, 2023Updated 2 years ago
cedowens / Spotlight-Enum-Kit
View on GitHub
JXA and swift code that can perform some macOS situational awareness without generating TCC prompts.
☆40Apr 20, 2022Updated 3 years ago
frkngksl / NiCOFF
View on GitHub
COFF and BOF Loader written in Nim
☆175Aug 1, 2022Updated 3 years ago
xorrior / apfell-chrome-ext-payload
View on GitHub
Apfell POC Chrome Extension Payload
☆10Jun 24, 2020Updated 5 years ago
netero1010 / Quser-BOF
View on GitHub
Cobalt Strike BOF for quser.exe implementation using Windows API
☆87Mar 22, 2023Updated 2 years ago
OG-Sadpanda / SharpExcelibur
View on GitHub
Read Excel Spreadsheets (XLS/XLSX) using Cobalt Strike's Execute-Assembly
☆90Sep 30, 2024Updated last year
mdsecactivebreach / Farmer
View on GitHub
☆415Apr 28, 2021Updated 4 years ago
mdsecactivebreach / Execute-GithubAssembly-Aggressor
View on GitHub
Aggressor Script to Execute Assemblies from Github
☆71Nov 30, 2020Updated 5 years ago
rkbennett / pybof
View on GitHub
Python module for running BOFs
☆80Nov 28, 2025Updated 3 months ago
TheWover / ModuleMonitor
View on GitHub
Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…
☆42May 9, 2019Updated 6 years ago
rvrsh3ll / SharpExcel4-DCOM
View on GitHub
Port of Invoke-Excel4DCOM
☆104Oct 12, 2019Updated 6 years ago