Alternatives and similar repositories for DefCon33

Users that are interested in DefCon33 are comparing it to the libraries listed below

• nullenc0de / Internal_Pentest
  Scripts that automate portions of pentests.
  ☆57Updated this week
• Lucreza / WinDefExclusionFinder
  Small Script that permits to enumerate folders in Windows Defender Exclusion List with no Administrative privileges
  ☆27Updated last year
• aleemladha / SANS-Workshop-Lab
  SANS Workshop: Active Directory Privilege Escalation with Empire!
  ☆35Updated 2 months ago
• VKo9 / AD-attacks-automation-scripts
  This repository contains scripts about ACL abuse and any other active directory attacking methods.
  ☆36Updated 2 years ago
• MythicAgents / arachne
  Webshell agent in aspx and php
  ☆28Updated last month
• mosesrenegade / PMapper
  A tool for quickly evaluating IAM permissions in AWS.
  ☆60Updated 2 years ago
• n00py / DockerKnocker
  Exploits Unauth Docker API
  ☆43Updated 9 months ago
• PanosoikoGr / CloudTap
  Comprehensive AWS cloud reconnaissance and privilege escalation toolkit written in Python. Features IAM, EC2, S3, Lambda, ECS, Secrets Ma…
  ☆48Updated 7 months ago
• synacktiv / kcmdump
  Dump Kerberos tickets from the KCM database of SSSD
  ☆55Updated last month
• epotseluevskaya / impacket_mssqlrelay
  Impacket with added MSSQL Relay server
  ☆49Updated last month
• Michaeladsl / Patronusx
  ☆54Updated last year
• dmcxblue / Red-Team-Guide
  A small red team course
  ☆40Updated 2 years ago
• websecnl / MagicByteSelector
  Burp Suite Extension for inserting a magic byte into responder's request
  ☆24Updated 2 years ago
• redrays-io / SAP-Threat-Modeling
  The SAP Threat Modeling Tool is an on-premises open-source web application designed to analyze and visualize connections between SAP syst…
  ☆51Updated 11 months ago
• LuemmelSec / CVE-2023-29357
  ☆53Updated 2 years ago
• emptynebuli / dauthi
  dauthi is a tool that takes advantage of API functionality across a variety of MDM solutions to perform user enumeration and single-facto…
  ☆43Updated last year
• truerustyy / wcreddump
  Fully automated windows credentials dumper, for SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine with…
  ☆79Updated last year
• dazzyddos / GraphShell
  ☆23Updated last year
• anrbn / GATOR
  GATOR - GCP Attack Toolkit for Offensive Research, a tool designed to aid in research and exploiting Google Cloud Environments
  ☆89Updated last year
• carlospolop / aws-Perms2ManagedPolicies
  ☆14Updated last year
• net-dawg / SSHniffer
  ☆35Updated 2 years ago
• nollium / CVE-2024-50340-eos-exploit
  Exploit for Symfony CVE-2024-50340 (forked eos)
  ☆29Updated last year
• yoryio / ShodanFavicon
  List of MurmurHash3 favicon hashes of widely used technologies by vendor to search with Shodan.
  ☆35Updated last year
• honoki / burp-digitalocean-openvpn-socks
  A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it
  ☆51Updated 3 months ago
• CyberSecurityUP / ImgPayload
  Advanced shellcode injector for images supports BMP, GIF, EXIF (JPEG), and LSB (PNG) techniques. Includes XOR encoding, offset indexing, …
  ☆25Updated 7 months ago
• RayRRT / SpicyAD
  SpicyAD is a C# Active Directory penetration testing tool designed for authorized security assessments. It combines multiple AD attack te…
  ☆97Updated last month
• spyx / ParamAngler
  ☆27Updated 2 years ago
• s3cb0y / CVE-2023-43770-POC
  A Proof-Of-Concept for the CVE-2023-43770 vulnerability.
  ☆33Updated 2 years ago
• eversinc33 / CredGuess
  Generate password spraying lists based on the pwdLastSet-attribute of users.
  ☆55Updated 2 years ago
• anrbn / GCP-Attack-Defense
  A Project dedicated to documenting various attack and detection vectors that can be encountered within Google Cloud Platform (GCP).
  ☆60Updated last year