Alternatives and similar repositories for Invoke-SPSI

Users that are interested in Invoke-SPSI are comparing it to the libraries listed below

• decoder-it / KrbRelay-SMBServer
  ☆233Updated last year
• zimedev / certipy-merged
  Tool for Active Directory Certificate Services enumeration and abuse
  ☆163Updated 8 months ago
• zh54321 / SnafflerParser
  Parses Snaffler output file and generate beautified outputs.
  ☆113Updated 11 months ago
• TheManticoreProject / Delegations
  A tool to work with all types of Kerberos delegations (unconstrained, constrained, and resource-based constrained delegations) in Active …
  ☆210Updated 6 months ago
• decoder-it / printerbugnew
  The DCERPC only printerbug.py version
  ☆186Updated 2 months ago
• CompassSecurity / bloodhoundce-resources
  ☆92Updated last month
• nromsdahl / squarephish2
  OAuth Device Code Phishing Toolkit
  ☆105Updated 4 months ago
• mallo-m / Cpp-ExecAssembly
  C++ Reflective Assembly Loader
  ☆30Updated 10 months ago
• gatariee / minrm
  a minimalistic winrm client written in python
  ☆25Updated 7 months ago
• xforcered / RemoteMonologue
  Weaponizing DCOM for NTLM Authentication Coercions
  ☆275Updated 6 months ago
• Sh4N4C1 / sh4loader
  ☆29Updated last year
• zyn3rgy / RelayInformer
  Python and BOF utilites to the determine EPA enforcement levels of popular NTLM relay targets from the offensive perspective
  ☆162Updated last month
• 1r0BIT / TaskHound
  Tool to enumerate privileged Scheduled Tasks on Remote Systems
  ☆260Updated this week
• logangoins / SharpSuccessor
  SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.
  ☆367Updated 3 months ago
• Fudgedotdotdot / dump_kerberos_tickets
  Dump Kerberos tickets
  ☆43Updated 5 months ago
• rtecCyberSec / RAITrigger
  Local SYSTEM auth trigger for relaying
  ☆168Updated 5 months ago
• m4lwhere / profilehound
  ProfileHound - BloodHound OpenGraph collector for user profiles stored on domain machines. Make informed decisions about looting secrets …
  ☆111Updated last week
• n3rada / MSSQLand
  Interract with Microsoft SQL Server (MS SQL | MSSQL) servers and their linked instances in restricted environments, without the need for …
  ☆48Updated last week
• b5null / Invoke-BadSuccessor.ps1
  PowerShell Script to automatically abuse the BadSuccessor vulnerability (CVE-2025-53779)
  ☆39Updated last month
• synacktiv / SCCMSecrets
  SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.
  ☆256Updated last month
• p4p1 / havoc-privkit
  a port of privkit bof for havoc
  ☆24Updated 2 years ago
• thelikes / slivercloak
  PoC framework for Sliver compilation
  ☆23Updated 11 months ago
• SenSecurity / Founding
  Founding is a generator that will create a loader encrypted or obfuscated with different execution types
  ☆107Updated 4 months ago
• chryzsh / awesome-bof
  🧠 The ultimate, community-curated resource for Beacon Object Files (BOFs) — tutorials, how-tos, deep dives, and reference materials.
  ☆96Updated 3 weeks ago
• LuemmelSec / APEX
  Azure Post Exploitation Framework
  ☆244Updated 2 months ago
• monsieurPale / BreakFAST
  Proof of concept for Kerberos Armoring abuse.
  ☆56Updated 3 weeks ago
• Thunter-HackTeam / EvilentCoerce
  ☆155Updated 8 months ago
• badsectorlabs / sccm-http-looter
  Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)
  ☆206Updated last year
• anonymous300502 / Nuke-AMSI
  NukeAMSI is a powerful tool designed to neutralize the Antimalware Scan Interface (AMSI) in Windows environments.
  ☆171Updated 3 weeks ago
• c2pain / RustPatchlessCLRLoader
  .NET assembly loader with patchless AMSI and ETW bypass in Rust
  ☆58Updated last year