Alternatives and similar repositories for RedTeamGrimoire

Users that are interested in RedTeamGrimoire are comparing it to the libraries listed below

• rtecCyberSec / BitlockMove
  Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking
  ☆422Updated 6 months ago
• sensepost / susinternals
  psexecsvc - a python implementation of PSExec's native service implementation
  ☆232Updated 11 months ago
• bytewreck / DumpGuard
  Proof-of-Concept tool for extracting NTLMv1 hashes from sessions on modern Windows systems.
  ☆497Updated 2 months ago
• logangoins / SharpSuccessor
  SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.
  ☆367Updated 3 months ago
• Flangvik / ObfuscatedSharpCollection
  Attempt at Obfuscated version of SharpCollection
  ☆238Updated last month
• RedefiningReality / Cobalt-Strike
  Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection
  ☆322Updated last year
• rasta-mouse / OST-C2-Spec
  Open Source C&C Specification
  ☆277Updated 10 months ago
• andreisss / Ghosting-AMSI
  Ghosting-AMSI
  ☆220Updated 8 months ago
• EricEsquivel / Inline-EA
  Cobalt Strike BOF for evasive .NET assembly execution
  ☆298Updated 9 months ago
• ajm4n / DLLHound
  Find potential DLL Sideloads on your windows computer
  ☆216Updated last year
• trustedsec / Titanis
  Windows protocol library, including SMB and RPC implementations, among others.
  ☆599Updated 2 months ago
• dobin / SuperMega
  Stealthily inject shellcode into an executable
  ☆432Updated 2 months ago
• zyn3rgy / smbtakeover
  BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
  ☆341Updated last year
• cybersectroll / TrollAMSI
  ☆186Updated 6 months ago
• ZERODETECTION / MSC_Dropper
  ☆242Updated last year
• 0xdea / blindsight
  Red teaming tool to dump LSASS memory, bypassing basic countermeasures.
  ☆247Updated 2 months ago
• adityatelange / evil-winrm-py
  Execute commands interactively on remote Windows machines using the WinRM protocol
  ☆310Updated 2 weeks ago
• Tylous / Freeze.rs
  Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST
  ☆195Updated last year
• Friends-Security / SharpExclusionFinder
  Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …
  ☆229Updated last year
• xforcered / RemoteMonologue
  Weaponizing DCOM for NTLM Authentication Coercions
  ☆275Updated 6 months ago
• logangoins / Krueger
  Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC
  ☆400Updated 3 months ago
• SpecterOps / MSSQLHound
  PowerShell collector for adding MSSQL attack paths to BloodHound with OpenGraph
  ☆275Updated last week
• Mr-Un1k0d3r / .NetConfigLoader
  .net config loader
  ☆348Updated 2 years ago
• mandiant / msi-search
  ☆290Updated 2 years ago
• 3lp4tr0n / SessionHop
  Windows Session Hijacking via COM
  ☆324Updated last month
• deepinstinct / DCOMUploadExec
  DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely
  ☆378Updated last year
• coffeegist / bofhound
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆340Updated 3 weeks ago
• 0xthirteen / Carseat
  Python implementation of GhostPack's Seatbelt situational awareness tool
  ☆269Updated last year
• TheManticoreProject / Delegations
  A tool to work with all types of Kerberos delegations (unconstrained, constrained, and resource-based constrained delegations) in Active …
  ☆210Updated 6 months ago
• ricardojoserf / TrickDump
  Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
  ☆530Updated 8 months ago