Alternatives and similar repositories for aardwolf

Users that are interested in aardwolf are comparing it to the libraries listed below

• MzHmO / TGSThief
  My implementation of the GIUDA project in C++
  ☆188Updated 2 years ago
• hrtywhy / BOF-CobaltStrike
  Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.
  ☆134Updated 3 years ago
• nettitude / Aladdin
  ☆223Updated 2 years ago
• slemire / WSPCoerce
  PoC to coerce authentication from Windows hosts using MS-WSP
  ☆299Updated 2 years ago
• nettitude / ETWHash
  C# POC to extract NetNTLMv1/v2 hashes from ETW provider
  ☆260Updated 2 years ago
• HavocFramework / Talon
  (Demo) 3rd party agent for Havoc
  ☆147Updated 2 years ago
• powerseb / PowerExtract
  ☆119Updated 8 months ago
• p0dalirius / MSSQL-Analysis-Coerce
  A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.
  ☆132Updated 2 years ago
• moloch-- / sliver-py
  A Python gRPC Client Library for Sliver
  ☆78Updated 8 months ago
• zblurx / acltoolkit
  ACL abuse swiss-knife
  ☆125Updated 2 years ago
• MythicAgents / Athena
  ☆213Updated last month
• smokeme / airstrike
  ☆169Updated last year
• SaadAhla / AMSI_patch
  Patching AmsiOpenSession by forcing an error branching
  ☆151Updated 2 years ago
• improsec / BackupOperatorToolkit
  The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin
  ☆178Updated 2 years ago
• nccgroup / DroppedConnection
  ☆129Updated 2 years ago
• 0xv1n / RemoteSessionEnum
  Remotely Enumerate sessions using undocumented Windows Station APIs
  ☆118Updated last year
• nettitude / ShellcodeMutator
  ☆245Updated 3 years ago
• Wh04m1001 / SysmonEoP
  ☆184Updated 3 years ago
• tothi / serviceDetector
  Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin pr…
  ☆239Updated 2 years ago
• sevagas / Advanced_Initial_access_in_2024_OffensiveX
  Resources linked to my presentation at OffensiveX in Athens in June 2024 on the topic "Breach the Gat, Advanced Initial Access in 2024"
  ☆146Updated last year
• quarkslab / proxyblob
  SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.
  ☆258Updated 7 months ago
• OmriBaso / BesoToken
  A tool to Impersonate logged on users without touching LSASS (Including non-Interactive sessions).
  ☆93Updated 3 years ago
• leftp / DPAPISnoop
  A C# tool to output crackable DPAPI hashes from user MasterKeys
  ☆139Updated last year
• MzHmO / NtlmThief
  Extracting NetNTLM without touching lsass.exe
  ☆240Updated 2 years ago
• codewhitesec / Lastenzug
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆232Updated 3 years ago
• ly4k / PassTheChallenge
  Recovering NTLM hashes from Credential Guard
  ☆351Updated 2 years ago
• 1njected / CMLoot
  Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) SMB shares
  ☆190Updated 2 years ago
• ly4k / PrintNightmare
  Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527)
  ☆202Updated 4 years ago
• cube0x0 / LdapSignCheck
  Beacon Object File & C# project to check LDAP signing
  ☆197Updated last year
• bananabr / TimeException
  A tool to find folders excluded from AV real-time scanning using a time oracle
  ☆234Updated last year