Alternatives and similar repositories for WMI_Backdoor:

Users that are interested in WMI_Backdoor are comparing it to the libraries listed below

• Cn33liz / StarFighters
  A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.
  ☆320Updated 7 years ago
• mubix / netview
  Netview enumerates systems using WinAPI calls
  ☆294Updated 3 years ago
• Kevin-Robertson / Tater
  Tater is a PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit from @breenmachine and @foxglovesec
  ☆449Updated 8 years ago
• interference-security / empire-web
  PowerShell Empire Web Interface
  ☆330Updated last year
• RedSiege / WMIOps
  This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.
  ☆383Updated 9 months ago
• klsecservices / Invoke-Vnc
  Powershell VNC injector
  ☆336Updated 4 years ago
• johnnyDEP / OWA-Toolkit
  Powershell module to assist in attacking Exchange/Outlook Web Access
  ☆180Updated 8 years ago
• secabstraction / WmiSploit
  ☆164Updated 9 years ago
• xorrior / RandomPS-Scripts
  PowerShell Scripts focused on Post-Exploitation Capabilities
  ☆318Updated 7 years ago
• cobbr / ObfuscatedEmpire
  ObfuscatedEmpire is a fork of Empire with Invoke-Obfuscation integrated directly into it's functionality.
  ☆228Updated 7 years ago
• Ben0xA / nps
  Not PowerShell
  ☆445Updated 8 years ago
• ztgrace / sticky_keys_hunter
  A script to test an RDP host for sticky keys and utilman backdoor.
  ☆259Updated 8 years ago
• 3gstudent / List-RDP-Connections-History
  Use powershell to list the RDP Connections History of logged-in users or all users
  ☆262Updated 4 years ago
• ramen0x3f / AggressorScripts
  ☆272Updated 2 years ago
• OneLogicalMyth / zeroday-powershell
  A PowerShell example of the Windows zero day priv esc
  ☆326Updated 6 years ago
• enigma0x3 / Powershell-Payload-Excel-Delivery
  Uses Invoke-Shellcode to execute a payload and persist on the system.
  ☆113Updated 8 years ago
• vysecurity / morphHTA
  morphHTA - Morphing Cobalt Strike's evil.HTA
  ☆521Updated 2 years ago
• quickbreach / ExchangeRelayX
  An NTLM relay tool to the EWS endpoint for on-premise exchange servers. Provides an OWA for hackers.
  ☆303Updated 2 years ago
• trustedsec / spraywmi
  SprayWMI is an easy way to get mass shells on systems that support WMI. Much more effective than PSEXEC as it does not leave remnants on …
  ☆253Updated 9 years ago
• bhdresh / lazykatz
  Lazykatz is an automation developed to extract credentials from remote targets protected with AV and/or application whitelisting software…
  ☆198Updated 7 years ago
• xorrior / RemoteRecon
  Remote Recon and Collection
  ☆449Updated 7 years ago
• Cn33liz / CScriptShell
  CScriptShell, a Powershell Host running within cscript.exe
  ☆160Updated 8 years ago
• p3nt4 / Invoke-Piper
  Forward local or remote tcp ports through SMB pipes.
  ☆295Updated 4 years ago
• HarmJ0y / PowerUp
  This version of PowerUp is now unsupported. See https://github.com/Veil-Framework/PowerTools/tree/master/PowerUp for the most current ver…
  ☆244Updated 7 years ago
• cyberark / ketshash
  A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs.
  ☆170Updated last month
• tevora-threat / eternal_blue_powershell
  Port of eternal blue exploits to powershell
  ☆150Updated 7 years ago
• Arno0x / WebDavC2
  A WebDAV PROPFIND C2 tool
  ☆119Updated 5 years ago
• ZonkSec / persistence-aggressor-script
  initial commit
  ☆172Updated 6 years ago
• Hood3dRob1n / JSRat-Py
  This is my implementation of JSRat.ps1 in Python so you can now run the attack server from any OS instead of being limited to a Windows O…
  ☆302Updated 8 years ago
• DamonMohammadbagher / Meterpreter_Payload_Detection
  Meterpreter_Payload_Detection.exe tool for detecting Meterpreter in memory like IPS-IDS and Forensics tool
  ☆162Updated last year