Recon-AD, an AD recon tool based on ADSI and reflective DLL’s
☆331Oct 20, 2019Updated 6 years ago
Alternatives and similar repositories for Recon-AD
Users that are interested in Recon-AD are comparing it to the libraries listed below
Sorting:
- A Cobalt Strike tool to audit Active Directory user accounts for weak, well known or easy guessable passwords.☆442Apr 1, 2022Updated 3 years ago
- Ps-Tools, an advanced process monitoring toolkit for offensive operations☆355Dec 1, 2020Updated 5 years ago
- Port of Invoke-Excel4DCOM☆104Oct 12, 2019Updated 6 years ago
- Tool to create hidden registry keys.☆492Oct 23, 2019Updated 6 years ago
- .NET implementation of Get-GPPPassword. Retrieves the plaintext password and other information for accounts pushed through Group Policy P…☆178Dec 18, 2019Updated 6 years ago
- .NET Project for performing Authenticated Remote Execution☆405Feb 8, 2023Updated 3 years ago
- Tunnellable HTTP/HTTPS socks4a proxy written in C# and deployable via PowerShell☆498Mar 15, 2023Updated 2 years ago
- Create a minidump of the LSASS process from memory☆261Nov 2, 2022Updated 3 years ago
- .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py☆607Feb 16, 2023Updated 3 years ago
- PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe)☆328Mar 26, 2019Updated 6 years ago
- Process Injection☆766Oct 24, 2021Updated 4 years ago
- Abusing Exchange via EWS☆152Sep 14, 2020Updated 5 years ago
- A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…☆275May 3, 2023Updated 2 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆218Mar 5, 2020Updated 5 years ago
- SharpSpray a simple code set to perform a password spraying attack against all users of a domain using LDAP and is compatible with Cobalt…☆195Jun 30, 2019Updated 6 years ago
- Collection of Beacon Object Files☆633Nov 1, 2022Updated 3 years ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,606Jul 10, 2023Updated 2 years ago
- Asynchronous Password Spraying Tool in C# for Windows Environments☆316Dec 19, 2023Updated 2 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF)☆321Nov 9, 2021Updated 4 years ago
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆864Mar 20, 2023Updated 2 years ago
- Evading WinDefender ATP credential-theft☆255Dec 2, 2019Updated 6 years ago
- ☆667Nov 17, 2021Updated 4 years ago
- C# Script used for Red Team☆723Nov 16, 2021Updated 4 years ago
- ☆281Dec 30, 2020Updated 5 years ago
- C# implementation of harmj0y's PowerView☆1,086Mar 22, 2024Updated last year
- Iterative AD discovery toolkit for offensive operations☆85Mar 16, 2020Updated 5 years ago
- C# port of the Get-AppLockerPolicy PS cmdlet☆100Dec 8, 2022Updated 3 years ago
- Bloodhound Attack Path Automation in CobaltStrike☆326Apr 26, 2020Updated 5 years ago
- Also known by Microsoft as Knifecoat☆1,153Dec 22, 2022Updated 3 years ago
- The idea is to collect all the C# projects that are Sharp{Word} that can be used in Cobalt Strike as execute assembly command.☆479May 24, 2022Updated 3 years ago
- A method of bypassing EDR's active projection DLL's by preventing entry point exection☆1,163Mar 31, 2021Updated 4 years ago
- Cobalt Strike kit for Lateral Movement☆678Feb 21, 2020Updated 6 years ago
- C# port of WMImplant which uses either CIM or WMI to query remote systems☆203Jul 14, 2021Updated 4 years ago
- Zipper, a CobaltStrike file and folder compression utility.☆223Jan 18, 2020Updated 6 years ago
- Run Rubeus via Rundll32☆207Apr 25, 2020Updated 5 years ago
- ☆198Mar 19, 2020Updated 5 years ago
- .NET 4.0 WinRM API Command Execution☆166Sep 11, 2020Updated 5 years ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.☆220May 3, 2023Updated 2 years ago
- SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GP…☆1,302Dec 15, 2020Updated 5 years ago