Alternatives and similar repositories for Offensive_tools

Users that are interested in Offensive_tools are comparing it to the libraries listed below

• trustedsec / orpheus
  Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types
  ☆402Updated 7 months ago
• Dec0ne / ShadowSpray
  A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…
  ☆473Updated 3 years ago
• Z4kSec / Masky
  Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory
  ☆399Updated 2 months ago
• zblurx / certsync
  Dump NTDS with golden certificates and UnPAC the hash
  ☆641Updated last year
• layer8secure / SilentHound
  Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.
  ☆491Updated 2 years ago
• VirtualAlllocEx / Payload-Download-Cradles
  This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …
  ☆255Updated 3 years ago
• pwn1sher / frostbyte
  FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads
  ☆386Updated 3 years ago
• icyguider / MoreImpacketExamples
  More examples using the Impacket library designed for learning purposes.
  ☆265Updated 2 years ago
• p0dalirius / windows-coerced-authentication-methods
  A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) wit…
  ☆565Updated 8 months ago
• S3cur3Th1sSh1t / SharpImpersonation
  A User Impersonation tool - via Token or Shellcode injection
  ☆419Updated 3 years ago
• med0x2e / NTLMRelay2Self
  An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).
  ☆413Updated last year
• deepinstinct / Lsass-Shtinkering
  ☆382Updated 2 years ago
• mdsecactivebreach / Farmer
  ☆400Updated 4 years ago
• calebstewart / bypass-clm
  PowerShell Constrained Language Mode Bypass
  ☆281Updated 4 years ago
• Cobalt-Strike / Malleable-C2-Profiles
  Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable…
  ☆232Updated 2 months ago
• cube0x0 / SharpSystemTriggers
  Collection of remote authentication triggers in C#
  ☆513Updated last year
• boku7 / azureOutlookC2
  Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for…
  ☆489Updated 2 years ago
• ly4k / Pachine
  Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)
  ☆277Updated 3 years ago
• api0cradle / CVE-2023-23397-POC-Powershell
  ☆347Updated 2 years ago
• dosxuz / DefenderStop
  Stop Defender Service using C# via Token Impersonation
  ☆170Updated 3 years ago
• xforcered / SQLRecon
  A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.
  ☆402Updated 9 months ago
• iomoath / PowerShx
  Run Powershell without software restrictions.
  ☆283Updated 4 years ago
• Octoberfest7 / XLL_Phishing
  XLL Phishing Tradecraft
  ☆428Updated 3 years ago
• nettitude / SharpWSUS
  ☆468Updated 2 years ago
• fortalice / bofhound
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆364Updated last year
• ly4k / PassTheChallenge
  Recovering NTLM hashes from Credential Guard
  ☆349Updated 2 years ago
• cepxeo / dll4shell
  Shellcode launcher for AV bypass
  ☆217Updated last year
• xforcered / InvisibilityCloak
  Proof-of-concept obfuscation toolkit for C# post-exploitation tools
  ☆432Updated 3 years ago
• m0n1x90 / ADReaper
  A fast enumeration tool for Windows Active Directory Pentesting written in Go
  ☆279Updated 2 years ago
• GoSecure / pywsus
  Standalone implementation of a part of the WSUS spec. Built for offensive security purposes.
  ☆325Updated 2 years ago