Alternatives and similar repositories for PSByPassCLM

Users that are interested in PSByPassCLM are comparing it to the libraries listed below

• calebstewart / bypass-clm

  View on GitHub
  PowerShell Constrained Language Mode Bypass
  ☆289Jan 31, 2021Updated 5 years ago
• Mr-Un1k0d3r / SCShell

  View on GitHub
  Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
  ☆1,594Jul 10, 2023Updated 2 years ago
• antonioCoco / RunasCs

  View on GitHub
  RunasCs - Csharp and open version of windows builtin runas.exe
  ☆1,338Jul 12, 2024Updated last year
• S3cur3Th1sSh1t / PowerSharpPack

  View on GitHub
  ☆1,665Apr 14, 2025Updated 10 months ago
• Flangvik / NetLoader

  View on GitHub
  Loads any C# binary in mem, patching AMSI + ETW.
  ☆838Oct 3, 2021Updated 4 years ago
• rvazarkar / GMSAPasswordReader

  View on GitHub
  ☆254Feb 17, 2023Updated 2 years ago
• hausec / Bloodhound-Custom-Queries

  View on GitHub
  Custom Query list for the Bloodhound GUI based off my cheatsheet
  ☆836Oct 29, 2025Updated 3 months ago
• eladshamir / Whisker

  View on GitHub
  Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, …
  ☆930Nov 11, 2024Updated last year
• Kevin-Robertson / Powermad

  View on GitHub
  PowerShell MachineAccountQuota and DNS exploit tools
  ☆1,428Jan 11, 2023Updated 3 years ago
• S3cur3Th1sSh1t / Amsi-Bypass-Powershell

  View on GitHub
  This repo contains some Amsi Bypass methods i found on different Blog Posts.
  ☆2,127Nov 28, 2024Updated last year
• antonioCoco / RoguePotato

  View on GitHub
  Another Windows Local Privilege Escalation from Service Account to System
  ☆1,148Jan 9, 2021Updated 5 years ago
• antonioCoco / RogueWinRM

  View on GitHub
  Windows Local Privilege Escalation from Service Account to System
  ☆914Feb 23, 2020Updated 5 years ago
• dirkjanm / krbrelayx

  View on GitHub
  Kerberos relaying and unconstrained delegation abuse toolkit
  ☆1,526Jan 27, 2025Updated last year
• mgeeky / cobalt-arsenal

  View on GitHub
  My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
  ☆1,098Apr 19, 2023Updated 2 years ago
• skahwah / SQLRecon

  View on GitHub
  A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.
  ☆777Oct 16, 2025Updated 3 months ago
• 0xthirteen / SharpMove

  View on GitHub
  .NET Project for performing Authenticated Remote Execution
  ☆406Feb 8, 2023Updated 3 years ago
• leechristensen / SpoolSample

  View on GitHub
  PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as w…
  ☆1,086May 29, 2024Updated last year
• tevora-threat / SharpView

  View on GitHub
  C# implementation of harmj0y's PowerView
  ☆1,083Mar 22, 2024Updated last year
• cube0x0 / SharpSystemTriggers

  View on GitHub
  Collection of remote authentication triggers in C#
  ☆524May 15, 2024Updated last year
• mgeeky / Stracciatella

  View on GitHub
  OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at s…
  ☆538Sep 18, 2022Updated 3 years ago
• FuzzySecurity / StandIn

  View on GitHub
  StandIn is a small .NET35/45 AD post-exploitation toolkit
  ☆830Dec 2, 2023Updated 2 years ago
• cube0x0 / KrbRelay

  View on GitHub
  Framework for Kerberos relaying
  ☆939May 29, 2022Updated 3 years ago
• tothi / rbcd-attack

  View on GitHub
  Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket
  ☆610Aug 15, 2025Updated 6 months ago
• mdsecactivebreach / SharpShooter

  View on GitHub
  Payload Generation Framework
  ☆1,956Aug 21, 2024Updated last year
• outflanknl / Dumpert

  View on GitHub
  LSASS memory dumper using direct system calls and API unhooking.
  ☆1,577Jan 5, 2021Updated 5 years ago
• Aetsu / OffensivePipeline

  View on GitHub
  OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team…
  ☆819Oct 27, 2023Updated 2 years ago
• RedCursorSecurityConsulting / PPLKiller

  View on GitHub
  Tool to bypass LSA Protection (aka Protected Process Light)
  ☆986Dec 4, 2022Updated 3 years ago
• itm4n / FullPowers

  View on GitHub
  Recover the default privilege set of a LOCAL/NETWORK SERVICE account
  ☆672May 3, 2020Updated 5 years ago
• CCob / SweetPotato

  View on GitHub
  Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
  ☆1,808Sep 4, 2024Updated last year
• Flangvik / BetterSafetyKatz

  View on GitHub
  Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime pat…
  ☆881Mar 29, 2021Updated 4 years ago
• mandiant / SharPersist

  View on GitHub
  ☆1,529Aug 11, 2023Updated 2 years ago
• rvrsh3ll / Rubeus-Rundll32

  View on GitHub
  Run Rubeus via Rundll32
  ☆208Apr 25, 2020Updated 5 years ago
• NotMedic / NetNTLMtoSilverTicket

  View on GitHub
  SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket
  ☆926Jul 26, 2021Updated 4 years ago
• med0x2e / NoAmci

  View on GitHub
  Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().
  ☆218Mar 5, 2020Updated 5 years ago
• S3cur3Th1sSh1t / Invoke-SharpLoader

  View on GitHub
  ☆360Apr 24, 2021Updated 4 years ago
• decoder-it / powershellveryless

  View on GitHub
  Constrained Language Mode + AMSI bypass all in one
  ☆158Jul 29, 2019Updated 6 years ago
• samratashok / ADModule

  View on GitHub
  Microsoft signed ActiveDirectory PowerShell module
  ☆1,003Oct 3, 2019Updated 6 years ago
• matterpreter / OffensiveCSharp

  View on GitHub
  Collection of Offensive C# Tooling
  ☆1,468Feb 6, 2023Updated 3 years ago
• AlmondOffSec / PassTheCert

  View on GitHub
  Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel
  ☆725Sep 3, 2025Updated 5 months ago