Alternatives and similar repositories for crux:

Users that are interested in crux are comparing it to the libraries listed below

• Hagrid29 / AbuseAzureAPIPermissions
  Abuse Azure API permissions for red teaming
  ☆61Updated last year
• eversinc33 / SharpStartWebclient
  Programmatically start WebClient from an unprivileged session to enable that juicy privesc.
  ☆70Updated last year
• nopbrick / SeeProxy
  Golang reverse proxy with CobaltStrike malleable profile validation.
  ☆109Updated last year
• h4wkst3r / SharPersist
  Windows Persistence Toolkit in C#
  ☆36Updated 2 years ago
• n00py / GetFGPP
  Get Fine Grained Password Policy
  ☆66Updated 8 months ago
• praetorian-inc / ADFSRelay
  Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS
  ☆173Updated 2 years ago
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆86Updated 2 years ago
• lkarlslund / hashmuncher
  Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later
  ☆91Updated last year
• NotMedic / Invoke-Nanodump
  HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection
  ☆53Updated 2 years ago
• lutzenfried / Delegate
  Tool to perform GCP Domain Wide Delegation abuse and access Gmail and Drive data
  ☆43Updated last year
• Octoberfest7 / Presentations
  Slide decks and/or materials from conference presentations
  ☆55Updated 2 years ago
• CodeXTF2 / HavocNotion
  A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …
  ☆83Updated 2 years ago
• sfewer-r7 / CVE-2023-34362
  CVE-2023-34362: MOVEit Transfer Unauthenticated RCE
  ☆63Updated 9 months ago
• d3lb3 / KeePass-the-Hash
  A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…
  ☆31Updated 2 years ago
• njcve / inflate.py
  Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.
  ☆119Updated 2 years ago
• CodeXTF2 / PyHmmm
  Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …
  ☆79Updated last year
• kymb0 / Stealth_shellcode_runners
  ☆55Updated 9 months ago
• x4sh3s / AMSI_Lines
  Bypass AMSI By Dividing files into multiple smaller files
  ☆45Updated 2 years ago
• laxa / SharpSecretsdump
  Secretsdump C# version only supporting local (live) operation
  ☆47Updated last year
• LaresLLC / OffensiveSysAdmin
  A collection of tools Neil and Andy have been working on released in one place and interlinked with previous tools
  ☆85Updated last year
• bashexplode / cs2webconfig
  Convert Cobalt Strike profiles to IIS web.config files
  ☆112Updated 3 years ago
• OG-Sadpanda / SharpSword
  Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly
  ☆117Updated 3 months ago
• emcghee / PayloadAutomation
  ☆119Updated 2 years ago
• quahac / Azure-AD-Password-Checker
  Azure AD Password Checker
  ☆84Updated 10 months ago
• LuemmelSec / CVE-2023-29357
  ☆52Updated last year
• iomoath / PyExchangePasswordSpray
  Microsoft Exchange password spray tool with proxy support.
  ☆40Updated 3 years ago
• bitsadmin / dir2json
  Tool for efficient directory enumeration
  ☆55Updated 2 months ago
• snovvcrash / OffensivePipeline
  OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.
  ☆90Updated 2 years ago
• xiosec / Terminator
  PowerShell script to terminate protected processes such as anti-malware and EDRs.
  ☆27Updated last year