Alternatives and similar repositories for POCs:

Users that are interested in POCs are comparing it to the libraries listed below

• seriotonctf / AD-Tools
  List of some AD tools I frequently use
  ☆45Updated 3 months ago
• sensepost / goLAPS
  Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
  ☆82Updated 2 months ago
• ASP4RUX / bypassEDR-AV
  ☆56Updated 5 months ago
• deletehead / OctoC2t
  Simple C2 using GitHub repository as comms channel.
  ☆31Updated 6 months ago
• MWR-CyberSec / AD-CS-Forest-Exploiter
  Exploit AD CS misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise
  ☆95Updated last year
• w1th4d / JarPlant
  Java archive implant toolkit.
  ☆60Updated 2 weeks ago
• two06 / CerealKiller
  .NET deserialization hunter
  ☆77Updated 9 months ago
• huntandhackett / PassiveAggression
  Source code and examples for PassiveAggression
  ☆56Updated 11 months ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆53Updated 3 months ago
• ar0x4 / ysoserial.net-docker
  ysoserial.net docker image
  ☆28Updated 7 months ago
• horizon3ai / CVE-2024-9464
  Proof of Concept Exploit for CVE-2024-9464
  ☆45Updated 6 months ago
• ZSECURE / zDocker-cobaltstrike
  Docker container for running CobaltStrike 4.10
  ☆37Updated 7 months ago
• EQSTLab / CVE-2024-46538
  PfSense Stored XSS lead to Arbitrary Code Execution exploit
  ☆47Updated 3 months ago
• synacktiv / kcmdump
  Dump Kerberos tickets from the KCM database of SSSD
  ☆50Updated 7 months ago
• macrl2000 / reaper-wu
  vulnlab.com reaper writeup
  ☆26Updated last year
• 0xjessie21 / CVE-2025-24016
  CVE-2025-24016: Wazuh Unsafe Deserialization Remote Code Execution (RCE)
  ☆37Updated 2 months ago
• t3hbb / PanGP_Extractor
  Tool to extract username and password of current user from PanGPA in plaintext
  ☆84Updated 4 months ago
• kleiton0x00 / contexter
  Contexter - A secondary context path traversal / server-side parameter pollution testing tool written in Python 3
  ☆22Updated 8 months ago
• smokeme / ansible-havoc
  Scripts I use to deploy Havoc on Linode and setup categorization and SSL
  ☆40Updated 11 months ago
• Hagrid29 / CVE-2024-2432-PaloAlto-GlobalProtect-EoP
  ☆59Updated last year
• DarkSpaceSecurity / DocEx
  APT Emulation tool to exfiltrate sensitive .docx, .pptx, .xlsx, .pdf files
  ☆81Updated last month
• gavz / hfwintelnet
  Microsoft Telnet Server MS-TNAP Authentication Bypass Exploit
  ☆10Updated last week
• sdcampbell / nmapurls
  Nmapurls parses Nmap xml reports from either piped input or command line arg and outputs a list of http(s) URL's to be used in an automat…
  ☆41Updated last year
• synacktiv / OUned
  The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning
  ☆112Updated last month
• 0xBienCuit / InfraRed-AWS
  ☆58Updated 7 months ago
• LuemmelSec / CVE-2023-29357
  ☆52Updated last year
• chebuya / exploits
  Repo for all my exploits/PoCs
  ☆50Updated 2 months ago
• SpecterOps / bloodhound-cli
  ☆62Updated this week
• OtterHacker / AWSRedirector
  ☆54Updated 2 months ago
• aleemladha / SANS-Workshop-Lab
  SANS Workshop: Active Directory Privilege Escalation with Empire!
  ☆29Updated last month