Alternatives and similar repositories for DCSyncer

Users that are interested in DCSyncer are comparing it to the libraries listed below

• zblurx / certsync

  View on GitHub
  Dump NTDS with golden certificates and UnPAC the hash
  ☆647Mar 20, 2024Updated last year
• G0ldenGunSec / SharpSecDump

  View on GitHub
  .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py
  ☆610Feb 16, 2023Updated 2 years ago
• anthemtotheego / Detect-Hooks

  View on GitHub
  Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR
  ☆158Jul 22, 2021Updated 4 years ago
• S3cur3Th1sSh1t / SharpNamedPipePTH

  View on GitHub
  Pass the Hash to a named pipe for token Impersonation
  ☆313Nov 29, 2023Updated 2 years ago
• wavvs / nanorobeus

  View on GitHub
  COFF file (BOF) for managing Kerberos tickets.
  ☆321Jul 2, 2023Updated 2 years ago
• mitchmoser / SharpShares

  View on GitHub
  Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain
  ☆372Sep 20, 2025Updated 4 months ago
• CCob / MirrorDump

  View on GitHub
  Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…
  ☆269Mar 18, 2021Updated 4 years ago
• Rvn0xsy / ZeroLogon

  View on GitHub
  CVE-2020-1472 C++
  ☆84Sep 2, 2022Updated 3 years ago
• Ridter / RelayX

  View on GitHub
  NTLM relay test.
  ☆195Jun 26, 2025Updated 7 months ago
• JamesCooteUK / SharpSphere

  View on GitHub
  .NET Project for Attacking vCenter
  ☆553Nov 11, 2021Updated 4 years ago
• OmriBaso / RToolZ

  View on GitHub
  A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.
  ☆326Jan 31, 2023Updated 3 years ago
• mgeeky / ElusiveMice

  View on GitHub
  Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
  ☆482Jul 12, 2023Updated 2 years ago
• RicterZ / PySharpSphere

  View on GitHub
  Yet another SharpSphere
  ☆227Aug 1, 2021Updated 4 years ago
• nettitude / RunPE

  View on GitHub
  C# Reflective loader for unmanaged binaries.
  ☆447Jan 25, 2023Updated 3 years ago
• CodeXTF2 / WindowSpy

  View on GitHub
  WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.
  ☆281Feb 24, 2025Updated 11 months ago
• anthemtotheego / InlineExecute-Assembly

  View on GitHub
  InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…
  ☆741Jul 22, 2023Updated 2 years ago
• c3c / ADExplorerSnapshot

  View on GitHub
  ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound via BOFHound, and also supports full-ob…
  ☆1,050Jan 22, 2026Updated 3 weeks ago
• MzHmO / psexec_noinstall

  View on GitHub
  Repository contains psexec, which will help to exploit the forgotten pipe
  ☆171Nov 5, 2024Updated last year
• zyn3rgy / LdapRelayScan

  View on GitHub
  Check for LDAP protections regarding the relay of NTLM authentication
  ☆532Nov 19, 2024Updated last year
• icyguider / DumpNParse

  View on GitHub
  A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0.
  ☆152Nov 21, 2021Updated 4 years ago
• CCob / lsarelayx

  View on GitHub
  NTLM relaying for Windows made easy
  ☆579Apr 25, 2023Updated 2 years ago
• praetorian-inc / PortBender

  View on GitHub
  TCP Port Redirection Utility
  ☆760Jan 31, 2023Updated 3 years ago
• deepinstinct / Lsass-Shtinkering

  View on GitHub
  ☆385Jan 19, 2023Updated 3 years ago
• Ridter / atexec-pro

  View on GitHub
  Fileless atexec, no more need for port 445
  ☆404Mar 28, 2024Updated last year
• cube0x0 / SharpSystemTriggers

  View on GitHub
  Collection of remote authentication triggers in C#
  ☆524May 15, 2024Updated last year
• klezVirus / CheeseTools

  View on GitHub
  Self-developed tools for Lateral Movement/Code Execution
  ☆718Aug 17, 2021Updated 4 years ago
• FuzzySecurity / StandIn

  View on GitHub
  StandIn is a small .NET35/45 AD post-exploitation toolkit
  ☆830Dec 2, 2023Updated 2 years ago
• dev-2null / ADCollector

  View on GitHub
  A lightweight tool to quickly extract valuable information from the Active Directory environment for both attacking and defending.
  ☆633Oct 18, 2025Updated 3 months ago
• 1ight-2020 / GoRottenTomato

  View on GitHub
  Go实现部分Rubeus功能，可执行asktgt, asktgs, s4u, describe ticket, renew ticket, asreproast等
  ☆142May 5, 2022Updated 3 years ago
• pkb1s / SharpAllowedToAct

  View on GitHub
  Computer object takeover through Resource-Based Constrained Delegation (msDS-AllowedToActOnBehalfOfOtherIdentity)
  ☆197Feb 1, 2021Updated 5 years ago
• wh0amitz / BypassCredGuard

  View on GitHub
  Credential Guard Bypass Via Patching Wdigest Memory
  ☆335Feb 3, 2023Updated 3 years ago
• mabangde / SharpGetUserLoginIPRPC

  View on GitHub
  提取域控日志，支持远程提取
  ☆171Mar 17, 2025Updated 10 months ago
• slyd0g / LNKMod

  View on GitHub
  C# project to create or modify existing LNKs
  ☆54Oct 18, 2022Updated 3 years ago
• b4rtik / SharpKatz

  View on GitHub
  Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands
  ☆1,012Nov 7, 2021Updated 4 years ago
• wh0amitz / KRBUACBypass

  View on GitHub
  UAC Bypass By Abusing Kerberos Tickets
  ☆508Aug 10, 2023Updated 2 years ago
• CodeXTF2 / ScreenshotBOF

  View on GitHub
  An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memor…
  ☆490Dec 7, 2025Updated 2 months ago
• zblurx / dploot

  View on GitHub
  DPAPI looting remotely and locally in Python
  ☆540Oct 7, 2025Updated 4 months ago
• BronzeTicket / SharpNBTScan

  View on GitHub
  NetBIOS scanning tool written in c#
  ☆71Aug 6, 2021Updated 4 years ago
• bohops / SharpRDPHijack

  View on GitHub
  A proof-of-concept Remote Desktop (RDP) session hijack utility
  ☆498Nov 28, 2024Updated last year