Alternatives and similar repositories for BOFTools:

Users that are interested in BOFTools are comparing it to the libraries listed below

• JDArmy / NO445-lateral-movement
  command execute without 445 port
  ☆52Updated 3 years ago
• woaiqiukui / sam-the-admin-maq
  Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user; Adding the sam_the_admin_maq when MachineAccoun…
  ☆23Updated 8 months ago
• jiushill / wmi-hack-py
  ☆49Updated last year
• StarfireLab / AutoZerologon
  Zerologon自动化脚本
  ☆88Updated last year
• AgeloVito / self_delete_bof
  BOF implementation of delete self poc that delete a locked executable or a currently running file from disk by its pid, path, or the curr…
  ☆71Updated last year
• timwhitez / Doge-DumpMem
  dump lsass
  ☆37Updated 2 years ago
• FeigongSec / NTLMINFO
  ☆46Updated 3 years ago
• yanghaoi / LaunchSystemCmd
  在权限足够的情况下弹出system权限的cmd命令行，包含exe和dll两种文件类型，可用于一些可能存在本地提权漏洞的测试。
  ☆33Updated 2 years ago
• Jumbo-WJB / search_rbcd
  Search msDS-AllowedToActOnBehalfOfOtherIdentity
  ☆35Updated 3 years ago
• Ridter / MSSQL_CLR
  MSSQL CLR for pentest.
  ☆54Updated last year
• Jumbo-WJB / SharpAllowedToAct-Modify
  resource-based constrained delegation RBCD
  ☆43Updated 3 years ago
• VMsec / PortBenderEXE
  PortBender修改为exe版本
  ☆24Updated last year
• howmp / iisproxy
  通过websocket在IIS8(Windows Server 2012)以上实现socks5代理
  ☆86Updated last year
• LostZX / vcenter_tool
  ☆25Updated last year
• XiaoliChan / Xiaoli-Tools
  ☆15Updated last year
• StarfireLab / BrowserPivot
  ☆31Updated last year
• Like0x / SharpBlock
  A method of bypassing EDR's active projection DLL's by preventing entry point exection
  ☆22Updated 3 years ago
• badboycxcc / Beacon
  重构Beacon
  ☆15Updated 6 months ago
• XiaoliChan / CrackMapExec-Extension
  CrackMapExec extension module/protocol support
  ☆41Updated last year
• JDArmy / PwdCollection
  密码收集
  ☆58Updated 2 years ago
• CrossC2 / autoRebind
  Automatically parse Malleable C2 profiled into CrossC2 rebinding library source code
  ☆21Updated 2 years ago
• INotGreen / Invoke-SharpOffensive
  ☆15Updated last year
• dust-life / Free445-BOF
  ☆21Updated last year
• ASkyeye / ImpulsiveDLLHijack
  C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can…
  ☆16Updated 3 years ago
• Jumbo-WJB / PTH_Exchange
  If you only have hash, you can still operate exchange
  ☆71Updated 3 years ago
• Jumbo-WJB / SharpSniper-Modify
  query specific user and login IP from remote machine
  ☆17Updated 2 years ago
• StarfireLab / EFSRPCrpc
  利用EFSRPC协议批量探测出网
  ☆65Updated last year
• M0nster3 / ITaskServers
  Bypass EDR Create TaskServers
  ☆36Updated 2 years ago
• xunyang1 / ssp_dump_lsass
  RPC 调用添加ssp扩展dump lsass
  ☆17Updated 2 years ago
• seventeenman / SelfDel-BOF
  Delete file regardless of whether the handle is used via SetFileInformationByHandle
  ☆41Updated last year