A module for CME that spiders across a domain.
☆35Jul 15, 2022Updated 3 years ago
Alternatives and similar repositories for hash_spider
Users that are interested in hash_spider are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A little scanner to check the LDAP Signing state☆46Aug 2, 2021Updated 4 years ago
- Simple and sane cryptographic wrapper library.☆27Apr 21, 2023Updated 2 years ago
- ☆12Oct 24, 2022Updated 3 years ago
- Automated activity logging utility for Mythic C2 v3.0+ with Ghostwriter v3.0+☆23Jul 31, 2025Updated 7 months ago
- Custom Queries - Brought Up to BH4.1 syntax☆277Dec 7, 2025Updated 3 months ago
- ☆26Mar 10, 2022Updated 4 years ago
- Identify the attack paths in BloodHound breaking your AD tiering☆326Nov 6, 2022Updated 3 years ago
- Research into Undocumented Behavior of Azure AD Refresh Tokens☆13Oct 27, 2023Updated 2 years ago
- Load any Beacon Object File using Powershell!☆261Dec 9, 2021Updated 4 years ago
- A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/☆31Feb 26, 2024Updated 2 years ago
- ☆153Jan 6, 2023Updated 3 years ago
- Collection of tools that reflect the network dimension into Bloodhound's data☆446Oct 19, 2022Updated 3 years ago
- Nim-based assembly packer and shellcode loader for opsec & profit☆488Feb 24, 2023Updated 3 years ago
- A pair of scripts to import session and local group information that has been collected from alternate data sources into BloodHound's Neo…☆20Aug 29, 2022Updated 3 years ago
- Spin up a reverse proxy quickly on Heroku☆15Dec 5, 2020Updated 5 years ago
- ☆160Feb 8, 2025Updated last year
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆14Sep 30, 2022Updated 3 years ago
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged☆89Jul 7, 2022Updated 3 years ago
- Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆20Jul 8, 2022Updated 3 years ago
- A simple BOF implementation of klist using Windows API☆32Jul 7, 2022Updated 3 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆136Jan 2, 2023Updated 3 years ago
- D/Invoke implementation in Nim☆100Jun 8, 2022Updated 3 years ago
- Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.☆484Jul 9, 2024Updated last year
- Nim version of MDSec's Parallel Syscall PoC☆124Jan 14, 2022Updated 4 years ago
- ☆23Mar 9, 2022Updated 4 years ago
- blame Huy☆42Jan 3, 2021Updated 5 years ago
- WIP shellcode loader in nim with EDR evasion techniques☆219Mar 30, 2022Updated 3 years ago
- A nim port of C5pider's Ekko project.☆17Oct 1, 2022Updated 3 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆148Jun 2, 2022Updated 3 years ago
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆41Dec 8, 2023Updated 2 years ago
- Python module for running BOFs☆80Nov 28, 2025Updated 3 months ago
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆257Dec 2, 2021Updated 4 years ago
- Generate Mimikatz Golden Ticket commands with ease!☆51Dec 4, 2020Updated 5 years ago
- Powershell module to get the NetNTLMv2 hash of the current user☆96Jul 5, 2022Updated 3 years ago
- ☆145Oct 31, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking.☆313Jul 8, 2022Updated 3 years ago
- Run Powershell without software restrictions.☆281Sep 8, 2021Updated 4 years ago
- Hookers are cooler than patches.☆170Jan 21, 2022Updated 4 years ago
- ☆12Aug 29, 2025Updated 6 months ago