Alternatives and similar repositories for adexplorersnapshot-rs

Users that are interested in adexplorersnapshot-rs are comparing it to the libraries listed below

• deh00ni / NtDumpBOF

  View on GitHub
  ☆100Sep 1, 2024Updated last year
• CCob / DRSAT

  View on GitHub
  Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…
  ☆273Dec 27, 2024Updated last year
• decoder-it / DFSCoerce-exe-2

  View on GitHub
  DFSCoerce exe revisited version with custom authentication
  ☆42Jan 13, 2024Updated 2 years ago
• CCob / Shwmae

  View on GitHub
  ☆160Jan 27, 2025Updated last year
• CrowdStrike / sccmhound

  View on GitHub
  A BloodHound collector for Microsoft Configuration Manager
  ☆364Jul 7, 2025Updated 7 months ago
• zyn3rgy / smbtakeover

  View on GitHub
  BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
  ☆345Nov 19, 2024Updated last year
• decoder-it / KrbRelay-SMBServer

  View on GitHub
  ☆235Oct 8, 2024Updated last year
• Malcrove / SeamlessPass

  View on GitHub
  A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO
  ☆232Aug 25, 2024Updated last year
• nettitude / SharpConflux

  View on GitHub
  ☆65Mar 15, 2024Updated last year
• safedv / RustiveDump

  View on GitHub
  LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and r…
  ☆381Apr 26, 2025Updated 9 months ago
• PShlyundin / Coverage

  View on GitHub
  A Python-based tool for analyzing Active Directory security posture by processing LDAP dumps, NTDS.dit extracts, and password cracking re…
  ☆25May 6, 2025Updated 9 months ago
• deepinstinct / DCOMUploadExec

  View on GitHub
  DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely
  ☆381Dec 13, 2024Updated last year
• MaLDAPtive / Invoke-Maldaptive

  View on GitHub
  MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.
  ☆336Aug 7, 2024Updated last year
• mandiant / ccmpwn

  View on GitHub
  ☆216Mar 26, 2024Updated last year
• Tw1sm / SQL-BOF

  View on GitHub
  Library of BOFs to interact with SQL servers
  ☆222Dec 3, 2025Updated 2 months ago
• g0h4n / RustHound-CE

  View on GitHub
  Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀
  ☆447Jan 15, 2026Updated last month
• wavvs / nanorobeus

  View on GitHub
  COFF file (BOF) for managing Kerberos tickets.
  ☆321Jul 2, 2023Updated 2 years ago
• jfjallid / go-secdump

  View on GitHub
  Tool to remotely dump secrets from the Windows registry
  ☆522Nov 18, 2025Updated 2 months ago
• decoder-it / ADCSCoercePotato

  View on GitHub
  ☆242May 5, 2024Updated last year
• synacktiv / SCCMSecrets

  View on GitHub
  SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.
  ☆260Nov 22, 2025Updated 2 months ago
• REDMED-X / OperatorsKit

  View on GitHub
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆670Aug 15, 2025Updated 6 months ago
• decoder-it / ChgPass

  View on GitHub
  ☆137Feb 11, 2025Updated last year
• CICADA8-Research / MyMSIAnalyzer

  View on GitHub
  Analyse MSI files for vulnerabilities
  ☆143Aug 30, 2024Updated last year
• BlackSnufkin / NyxInvoke

  View on GitHub
  NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…
  ☆231Feb 12, 2025Updated last year
• c3c / ADExplorerSnapshot

  View on GitHub
  ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound via BOFHound, and also supports full-ob…
  ☆1,050Jan 22, 2026Updated 3 weeks ago
• FalconForceTeam / SOAPHound

  View on GitHub
  SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…
  ☆859Feb 3, 2024Updated 2 years ago
• 0xsp-SRD / MDE_Enum

  View on GitHub
  comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
  ☆212Jun 10, 2024Updated last year
• sensepost / susinternals

  View on GitHub
  psexecsvc - a python implementation of PSExec's native service implementation
  ☆235Feb 11, 2025Updated last year
• CICADA8-Research / Penetration

  View on GitHub
  Our Tips&Tricks
  ☆128Feb 17, 2025Updated last year
• jojonas / SharpSAMDump

  View on GitHub
  SAM Dumping in C#
  ☆54Nov 27, 2025Updated 2 months ago
• v1k1ngfr / fuegoshell

  View on GitHub
  Fuegoshell is a powershell oneliner generator for Windows remote shell re-using TCP 445
  ☆53Apr 27, 2024Updated last year
• MzHmO / LeakedWallpaper

  View on GitHub
  Leak of any user's NetNTLM hash. Fixed in KB5040434
  ☆259Aug 13, 2024Updated last year
• VoldeSec / PatchlessInlineExecute-Assembly

  View on GitHub
  Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
  ☆273Apr 17, 2023Updated 2 years ago
• NtDallas / KrakenMask

  View on GitHub
  Sleep obfuscation
  ☆267Dec 13, 2024Updated last year
• Octoberfest7 / enumhandles_BOF

  View on GitHub
  ☆126Sep 1, 2024Updated last year
• 0xedh / dumpguard_bof

  View on GitHub
  Beacon Object File (BOF) port of DumpGuard for extracting NTLMv1 hashes from sessions on modern Windows systems.
  ☆207Jan 6, 2026Updated last month
• ToweringDragoon / SACL_Scanner

  View on GitHub
  SACL Scanner is a tool designed to scan and analyze SACLs.
  ☆50Feb 13, 2025Updated last year
• mandiant / msi-search

  View on GitHub
  ☆290Jul 20, 2023Updated 2 years ago
• lypd0 / DeadPotato

  View on GitHub
  DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYS…
  ☆459Aug 17, 2024Updated last year